SServlets - Session Tracking
HTTP is a "stateless" convention which implies each time a customer recovers a Web page, the customer opens a different association with the Web server and the server naturally does not keep any record of past customer request.
Still there are following three different ways to keep up session between web customer and web server −
A webserver can dole out a one of a kind session ID as a treat to each web customer and for consequent solicitations from the customer they can be perceived utilizing the recieved cookie.
This may not be a powerful way in light of the fact that many time program does not bolster a treat, so I would not prescribe to utilize this method to keep up the sessions.
Hidden Form Fields
A web server can send a shrouded HTML structure field alongside a one of a kind session ID as pursues −
<input type = "shrouded" name = "sessionid" esteem = "12345">
This passage implies that, when the structure is presented, the predetermined name and esteem are consequently incorporated into the GET or POST information. Each time when internet browser sends ask for back, at that point session_id esteem can be utilized to monitor diverse web browsers.
This could be a successful method for monitoring the session however tapping on a normal (<A HREF...>) hypertext interface does not result in a structure accommodation, so shrouded structure fields likewise can't bolster general session tracking.
You can add some additional information on the finish of every URL that distinguishes the session, and the server can connect that session identifier with information it has put away about that session.
For model, with http://tutorialspoint.com/file.htm;sessionid = 12345, the session identifier is connected as sessionid = 12345 which can be gotten to at the web server to recognize the client.
URL modifying is a superior method to keep up sessions and it works notwithstanding when programs don't bolster treats. The disadvantage of URL re-composing is that you would need to produce each URL progressively to allot a session ID, even if there should be an occurrence of a straightforward static HTML page.
The HttpSession Object
Apart from the previously mentioned three different ways, servlet gives HttpSession Interface which gives an approach to recognize a client crosswise over more than one page demand or visit to a Web website and to store data about that user.
The servlet holder utilizes this interface to make a session between a HTTP customer and a HTTP server. The session perseveres for a predetermined timespan, crosswise over more than one association or page ask for from the user.
You would get HttpSession object by calling the open strategy getSession() of HttpServletRequest, as underneath −
HttpSession session = request.getSession();
You need to call request.getSession() before you send any archive substance to the customer. Here is a synopsis of the critical techniques accessible through HttpSession object −
|Sr.No.||Method & Description|
public Object getAttribute(String name)
This strategy restores the article bound with the predefined name in this session, or invalid if no item is bound under the name.
public Enumeration getAttributeNames()
This technique restores an Enumeration of String objects containing the names of the considerable number of articles bound to this session.
public long getCreationTime()
This technique restores when this session was made, estimated in milliseconds since midnight January 1, 1970 GMT.
public String getId()
This technique restores a string containing the one of a kind identifier appointed to this session.
public long getLastAccessedTime()
This technique restores the last gotten to time of the session, in the configuration of milliseconds since midnight January 1, 1970 GMT
public int getMaxInactiveInterval()
This strategy restores the most extreme time interim (seconds), that the servlet holder will keep the session open between customer accesses.
public void nullify()
This strategy refutes this session and unbinds any items bound to it.
public boolean isNew(
This technique returns genuine if the customer does not yet think about the session or if the customer decides not to join the session.
public void removeAttribute(String name)
This technique evacuates the article bound with the predetermined name from this session.
public void setAttribute(String name, Object esteem)
This strategy ties an item to this session, utilizing the name specified.
public void setMaxInactiveInterval(int interim)
This strategy determines the time, in short order, between customer asks for before the servlet holder will negate this session.
Session Tracking Example
This model depicts how to utilize the HttpSession item to discover the creation time and the last-got to time for a session. We would connect another session with the demand on the off chance that one doesn't as of now exist.