Scribd
Upload
20 views46 pages

Cs378 Slide07 Session Tracking

Uploaded by

iloik2013
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
20 views46 pages

Cs378 Slide07 Session Tracking

Uploaded by

iloik2013
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 46

YANBU UNIVERSITY COLLEGE

CS378 – SLIDE – 07
SESSION TRACKING

1
To Cover
Overview of Session Tracking
What is a session?

What is session traction?

Why is session tracking required?

Session Tracking Techniques

Session Tracking Programming Examples

2
OVERVIEW OF SESSION
TRACKING

3
What is a Session?
A session is:

a conversation between the server and a client

a particular interval of time in which communication


between the client and the server is happening
with HTTP

4
What Session Tracking?
Session tracking is a mechanism used by the Web
container to store session information for a
particular user

Session tracking can be considered as a way to


maintain state (data) of a user. It is also known as
session management in servlet

5
Why is Session Tracking
Required?
HTTP (Hypertext Transfer Protocol) is the set
of rules for transferring files such as text,
images, sound, video and other multimedia
files over the web

As soon as a users open their web browser,


they are indirectly using HTTP

6
Why is Session Tracking
Required?
HTTP is a “stateless” protocol, which means that

each time a client requests a


Web page, the client and the server does not retain
establishes a new connection track of prior requests
with the Web server

7
Why is Session Tracking
Required?
HTTP is a “stateless” protocol, which means that

each time a client requests a


Web page, the client and the server does not retain
establishes a new connection track of prior requests
with the Web server

Session tracking is
important for tracking
Session tracking is
conversions in online
used to recognize
shopping, mailing
the particular user
applications, and E-
Commerce
applications 8
SESSION TRACKING
TECHNIQUES

9
Session Tracking Techniques
There are four session tracking techniques

Cookies

Hidden Form Field

URL Rewriting

HttpSession

10
Cookies
A cookie is a key value pair of information, sent by the server
to the browser and then browser sends back this identifier to
the server for subsequent request(s) there on

Cookies can be used for session tracking

Disadvantage
Advantage cookies can be deleted /
One of the simplest disables by client
technique for session
tracking

11
Cookies
Steps of sending cookies to the client

Create a new cookie object


Cookie cookie = new Cookie (name, value);

Set the cookie maximum age


cookie.setMaxAge (60);

Add the cookie to response headers


response.addCookie (cookie);

12
Hidden Form Field
The hidden form field is used to insert the information in the
webpages and this information is sent to the server

These fields are not viewable to the user directly.


Example:
<input type = 'hidden' name = 'session' value = '12345' >

Disadvantage
(1) Lots of tedious processing
(2) All pages must be the
Advantage
result of form submissions
Works even if cookies are
disabled or unsupported
13
URL Rewriting
We can append some extra data at the end of each URL that
identifies the session, and the server can associate that
session identifier with data it has stored about that session

Example:
http://www.rcyci.com/file.htm;sessionid = 12345

Disadvantage
(1) Lots of tedious processing
(2) All pages must be
dynamically generated
Advantage
because you need to add
Works even if cookies are
userdata to url submissions
disabled or unsupported
14
HttpSession API

Servlets provide a convenient and


stable session-tracking solution using
the HttpSession API

This high-level interface is built on top


of cookies or URL rewriting

15
HttpSession API
Session tracking in servlet is very simple
and it involves following steps
Accessing the session object associated with the
current request

Looking up information associated with a session

Storing information in a session

Discarding session data


16
Accessing the Session Object
To get user’s session object, call request.getSession

HttpSession session = request.getSession();

If the user
If you want to
already has a If no session
know if this is
session the exists a new
a new session,
existing one is created
call isNew()
session is and returned
method
returned

17
Accessing the Session Object
To disable creation of new sessions, pass false to the
getSession() method.
HttpSession session = request.getSession(false);

If no current
session exists,
you will get
back a null
object
18
Looking up Information
Associated with a Session
HttpSession objects live on the server; they
don’t go back and forth over the network

they’re just automatically associated with the


client by a mechanism like cookies or URL
rewriting

You use session.getAttribute("key") to look up


a previously stored value.
The return type is Object, cast the return
value to the appropriate type

19
Behind the Scene

When you call getSession(), each user is automatically


assigned a unique session ID, which get to the user
using one of the following options:

20
Looking up Information
Associated with a Session
The return value is null if there is no such attribute, so
you need to check for null before calling methods on
objects associated with sessions

21
Storing Information in a Session

Use setAttribute with a key and a value to add


information

22
Discarding Session Data

To remove a specific attribute call


removeAttribute(String name) method

To delete an entire session, call


invalidate() method

To set a timeout for a session, call


setMaxInactiveInterval(int interval) method

23
HttpSession Methods

24
HttpSession Methods

25
CLASS WORK

26
Class Work
• What is session tracking?

Session tracking is a mechanism used by the Web


container to store session information for a
particular user

27
Class Work
• Why do we need session tracking?

Session tracking is important for tracking


conversions in online shopping, mailing
applications, and E-Commerce applications

28
Class Work
• HTTP is a stateless protocol, what does it
mean?
It means each time a client requests a Web page,
the client establishes a new connection with the
Web server and the server does not retain track of
prior requests

29
Class Work
• How many session tracking techniques
are there? Mention them.
There are four session tracking techniques:

(1) Cookies (2) Hidden form field (3) URL rewriting


(4) HttpSession

30
Class Work
• Write an HTML code to create a hidden
field that can be used for session tracking

<input type = 'hidden' name = 'session' value = '112233'>

31
Class Work
• Mention any disadvantage of using
cookies for session tracking

Cookies can be deleted or disabled

32
Class Work
HttpSession s = request.getSession();

The above statement will create a new


session and return it if the user has no
session. Write a command to disable the
creation of a new session.

HttpSession s = request.getSession(fales);

33
Class Work
• Write a command to discard the session
and delete all its attributes?

session.invalidate();

34
Class Work
• By default, how long does a session last?

Until the session ends (such as closing


the browser)

35
SESSION TRACKING
EXAMPLES

36
Printing Session Information
Example 1

37
Printing Session Information
Example 1

38
Storing / Retrieving Session
Object - Example 2
• Write an example to demonstrate storing
and retrieving of an object from session

39
Storing / Retrieving Session
Object - Example 2

40
Storing / Retrieving Session
Object - Example 2

41
Invalidating Session
Example 3

42
Invalidating Session
Example 3

43
Invalidating Session
Example 3

44
THANK
YOU
45
? 46

You might also like