Upload
shubhangi
View
214
Download
0
Embed Size (px)
Citation preview
7/31/2019 Maintaining Sessions
1/13
Maintaining Sessions
7/31/2019 Maintaining Sessions
2/13
HTTP Protocol
HTTP is called as a stateless protocol
because each command is request is
executed independently, without any
knowledge of the requests that were
executed before it.
7/31/2019 Maintaining Sessions
3/13
HTTP Request Methods:
GET Method: The Get method is used to getting
the data from the server. Get method appends
the parameters passed as query string to a URL,
in the form of key- value pairs. POST Method: The post method is used for
sending data to the server. In post method the
query string is appended along the request
object, they do not get appended in the URL, soparameters transfer in hidden form
http://www.roseindia.net/jsp/jspsession/HttpProtocol.shtmlhttp://www.roseindia.net/jsp/jspsession/HttpProtocol.shtml7/31/2019 Maintaining Sessions
4/13
HTTP Request Methods:
HEAD Method: When a user wants to know
about the headers, like MIME types, charset,
Content- Length then we use Head method.
With this no body content is returned. TRACE Method: Trace on the jsp resource
returns the content of the resource. Asks for a
loopback of the request message, so that the
use can see what is being recieved on the otherside
7/31/2019 Maintaining Sessions
5/13
7/31/2019 Maintaining Sessions
6/13
Http protocol is not reliable when we are doing
any type of transactions or any other related
work where persistence of the information is
necessary. To remove these obstacles we usesession management. In session management
whenever a request comes for any resource, a
unique token is generated by the serverand
transmitted to the client by the response objectand stored on the client machine as a cookie.
http://www.roseindia.net/jsp/jspsession/SessionManagement.shtmlhttp://www.roseindia.net/jsp/jspsession/SessionManagement.shtml7/31/2019 Maintaining Sessions
7/13
Session IDs are used to uniquely identify aclient browser, while the server sideprocesses are used to associate the
session ID with a level of access. Thus,once a client has successfullyauthenticated to the web applicatiion, thesession ID can be used as a stored
authentication voucher so that the clientdoes not have to retype their logininformation with each page request
7/31/2019 Maintaining Sessions
8/13
Session management can be achieved by
using the following thing: Cookies: cookies are small bits of textual information
that a web server sends to a browser and that browsersreturns the cookie when it visits the same site again. Incookie the information is stored in the form of a name,value pair. By default the cookie is generated. If the user
doesn't want to use cookies then it can disable them. URL rewriting: In URL rewriting we append some extra
information on the end of each URL that identifies thesession. This URL rewriting can be used where a cookieis disabled. It is a good practice to use URL rewriting. In
this session ID information is embedded in the URL,which is recieved by the application through Http GETrequests when the client clicks on the links embeddedwith a page.
7/31/2019 Maintaining Sessions
9/13
Hidden form fields: In hidden form fields thehtml entry will be like this : . This means that
when you submit the form, the specified nameand value will be get included in get or postmethod. In this session ID information would beembedded within the form as a hidden field andsubmitted with the Http POST command.
In JSP we have been provided a implicit objectsession so we don't need to create a object ofsession explicitly as we do in Servlets. In Jsp thesession is by default true. The session is definedinside the directive . If we don't declare it inside the
jsp page then session will be available to thepage, as it is default by true.
http://www.roseindia.net/jsp/jspsession/SessionManagement.shtmlhttp://www.roseindia.net/jsp/jspsession/SessionManagement.shtml7/31/2019 Maintaining Sessions
10/13
URLRewriting
URLRewriting can be used in place where we don'twant to use cookies. It is used to maintain the session.Whenever the browser sends a request then it is alwaysinterpreted as a new request because http protocol is a
stateless protocol as it is not persistent. Whenever wewant that out request object to stay alive till we decide toend the request object then, there we use the concept ofsession tracking
URLRewriting can be used where we the cookies are
disabled. Its a good practice to use URL Rewriting. InURLRewriting a string is appended
7/31/2019 Maintaining Sessions
11/13
Hidden Form Fields
Hidden form field is used to maintain the
session. It is one of the way to maintain the
session. In hidden form fields the html entry will
be like this : . This means that when you
submit the form, the specified name and value
will be get included in get or post method. In this
session ID information would be embeddedwithin the form as a hidden field and submitted
with the http post command.
7/31/2019 Maintaining Sessions
12/13
7/31/2019 Maintaining Sessions
13/13