Session Tracking in JSP
Session Tracking :
HTTP is a "stateless" protocol which means each time a client retrieves a Web page, the client opens a new connection to the Web server and the server does not keep any record of previous client request.Session tracking is a mechanism that is used to maintain state about a series of requests from the same user(requests originating from the same browser) across some period of time. A session id is a unique token number assigned to a specific user for the duration of that user's session.
Session Tracking :
HTTP is a "stateless" protocol which means each time a client retrieves a Web page, the client opens a new connection to the Web server and the server does not keep any record of previous client request.Session tracking is a mechanism that is used to maintain state about a series of requests from the same user(requests originating from the same browser) across some period of time. A session id is a unique token number assigned to a specific user for the duration of that user's session.
Need Of Session Tracking :
HTTP is a stateless protocol so When there is a series of continuous request and response from a same client to a server, the server cannot identify which client is sending request.If we want to maintain the conversational state,session tracking is needed. For example, in a shopping cart application a client keeps on adding items into his cart using multiple requests.When every request is made,the server should identify in which client's cart the item is to be added. So in this scenario, there is a certain need for session tracking.
Solution is, when a client makes a request it should introduce itself by providing unique identifier every time.There are four ways to maintain session between web client and web server.
When we are writing java code inside the Jsp, we may get exception inside that.In order to handle the exception we need to write try/catch blocks many times in all the Jsp pages.To avoid the try ,catch block and to centralize the exception handling use errorPage and IsErrorPage attribute inside the JSP where you want to handle all the exceptions.
Methods to track session :
Cookies :
Cookies mostly used for session tracking. Cookie is a key value pair of information, sent by the server to the browser. This should be saved by the browser in its space in the client computer. Whenever the browser sends a request to that server it sends the cookie along with it. Then the server can identify the client using the cookie.
This is not an effective way because many time browser does not support a cookie or users can opt to disable cookies using their browser preferences. In such case, the browser will not save the cookie at client computer and session tracking fails.
URL Rewriting :
Here is a simple URL which will pass two values using GET method.You can append some extra data on the end of each URL that identifies the session, and the server can associate that session identifier with data it has stored about that session.For Example Original URL:http://javwebtutor.com/jsp/name Rewritten URL: http://javawebtutor.com/jsp/name?sessionid=12345 .When a request is made an additional parameter is appended with the url.sessionid=12345, the session identifier is attached as sessionid=12345 which can be accessed at the web server to identify the client.
Hidden Form Fields :
HTML forms have an entry that looks like <INPUT TYPE="HIDDEN" NAME="session" VALUE="...">.
This means that, when the form is submitted, the specified name and value are included in the GET or POST data. This can be used to store information about the session. However, it has the major disadvantage that it only works if every page is dynamically generated, since the whole point is that each session has a unique identifier.
The session Object :
Servlets provided HttpSession Interface will provides a way to identify a user across multiple request to a Web site and to store information about that user.
For JSPs, by default a session is automatically created for the request if one does not exist. So if your starting page is a JSP, a session would have already been created when you get the first request.
1. Setting Session :
Before we validate or check the existing session it is important to know that how we can set session in JSP. We need to use session.setAttribute("ATTRIBUTE NAME","ATTRIBUTE VALUE") method for setting value in session.you can set as many attribute as you want.
2. Retrieving values from session attribute :
To retrieve value from session attribute we need to use following method. session.getAttribute("attribute name");
The information can be stored in the session for the current session by setAttribute() and then retrieve by getAttribute() method, whenever needed.
Setting Session : session.setAttribute("username", name);
Getting Session : session.getAttribute("username")
To understand a session let us create a very simple example of getting the name from the user and saving it in the session, we will retrieve this name from session on next page and display on the page.
index.jsp
<%@ page isErrorPage="true" %> <html> <head> <title>Session Management Example</title> </head> <body> <form method="post" action="firstpage.jsp"> <font size=5>Enter your name<input type="text" name="name"></font><br><br> <font size=5>Enter your password<input type="password" name="password"> </font><br><br> <input type="submit" name="submit" value="submit"> </form> </body> </html>
firstpage.jsp
<%
String name = request.getParameter("name");
String password = request.getParameter("password");
if (name.equals("mukesh") && password.equals("kumar")) {
session.setAttribute("username", name);
response.sendRedirect("secondpage.jsp");
}
else {
response.sendRedirect("index.jsp");
}
%>
secondpage.jsp
<html>
<head>
<title>Welcome in the program of session</title>
</head>
<body>
<font size = 5>Hello <%= session.getAttribute("username") %></font>
</body>
</html>
Output in Browser :
When entered value is wrong you will be redirected to index.jsp page
Download this example(developed in Eclipse)
Related Articles
