New Java PPT Sai Jvipul

Uploaded by

rohitpayil3807
Copyright © All Rights Reserved

SCHOOL OF COMPUTER SCIENCE AND ENGINEERING DEPARTMENT OF SCIENCE AND APPLICATION

• CIA -3 Presentation
• Subject: Advance Java
By
• Mr. Vipul S Patil
• Mr. Saikrishna B Dandwate
TY BCA- B
PRN NO -- 220105011333
220105011298
Academic year-2024-25
INTRODUCTION TO SESSION MANAGEMENT

• Definition: Session management is a way to store and retrieve user-specific data across multiple requests.
• Importance: Enables personalization, user authentication, and data persistence across multiple pages in a web application.
WHAT IS URL REWRITING?

• Definition: A technique to maintain session state by embedding session information directly into the URL.
• How it works:
  • Appends session ID or parameters to the URL.
PROS AND CONS OF URL REWRITING

• Advantages:
  • Works even if cookies are disabled.
  • Simple implementation.
• Disadvantages:
  • Security risks (session ID exposed in URL).
  • Inconvenient for bookmarking.
  • Limited length of URLs.
WHAT ARE COOKIES?

• Definition: Small pieces of data stored on the client-side (browser) and sent back to the server with each request.
• Types:
  • Session Cookies: Deleted when the browser is closed.
  • Persistent Cookies: Stored on the user’s device for a defined period.
HOW COOKIES WORK

• Client-Server Flow:
  • Server sends a cookie with a response.
  • Browser stores the cookie.
  • Browser sends the cookie back with subsequent requests to the same server.
• Usage: Storing user preferences, tracking sessions, authentication tokens.
PROS AND CONS OF COOKIES

• Advantages:
  • Simple, widely supported.
  • Can store small pieces of user-specific data.
• Disadvantages:
  • Limited size (4KB per cookie).
  • Privacy concerns (tracking).
  • Can be disabled by the user.
HTTP SESSION IN JAVA

• Definition: A server-side mechanism to store user data across multiple requests.
• How it works:
  • A unique session ID is generated for each user.
  • Data is stored on the server side, linked with this session ID.
  • The session ID is typically maintained via cookies or URL rewriting.
HTTP SESSION VS COOKIES

• Http Session:
  • Server-side storage.
  • More secure (data not exposed to the client).
  • Larger data storage capacity.
• Cookies:
  • Client-side storage.
  • Used for lightweight data like user preferences.
  • Limited data size and subject to user settings.
What is User Authorization?

• Definition: User authorization is the process of granting or denying access to resources based on a user's privileges.
• Difference from Authentication:
  • Authentication verifies identity (who you are).
  • Authorization defines what actions you're allowed to perform (what you can do).
• Examples:
  • Admins can modify user data.
  • Regular users can view data but not edit.
TYPES OF USER AUTHORIZATION

• Role-Based Access Control (RBAC): Users are assigned roles, and access rights are assigned to these roles.
• Attribute-Based Access Control (ABAC): Access is granted based on user attributes, resource attributes, and environmental conditions.
• Access Control Lists (ACLs): Specific permissions are assigned to users for specific resources.
IMPLEMENTING USER AUTHORIZATION

• How to Implement User Authorization
• Steps:
  • Define user roles and permissions based on organizational needs.
  • Use authentication mechanisms (e.g., OAuth, JWT).
  • Regularly review and update access controls.
• Best Practices:
  • Principle of Least Privilege: Users should have the minimum level of access necessary.
  • Regular audits and monitoring of access logs.
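
Added example (not part of the original slides): one way to combine the HTTP session and RBAC slides in a servlet application, keeping the session ID out of URLs and checking a role held in the server-side session. It assumes a Jakarta Servlet 5.0+ container (use the javax.servlet packages on older ones); the "role" session attribute, the "admin" value and the /admin/* path are hypothetical names, and the login code that sets the attribute is not shown.

```java
// Added example, not from the slides. Hypothetical names: "role", "admin", /admin/*.
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletContextEvent;
import jakarta.servlet.ServletContextListener;
import jakarta.servlet.ServletException;
import jakarta.servlet.SessionTrackingMode;
import jakarta.servlet.annotation.WebFilter;
import jakarta.servlet.annotation.WebListener;
import jakarta.servlet.http.HttpFilter;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import java.util.EnumSet;

public final class SessionHardening {

    /** Runs at startup: carry the session ID in a cookie only, never in the URL. */
    @WebListener
    public static class CookieOnlySessions implements ServletContextListener {
        @Override
        public void contextInitialized(ServletContextEvent event) {
            ServletContext ctx = event.getServletContext();
            // Turns off URL rewriting, so the ID cannot end up in links or bookmarks.
            ctx.setSessionTrackingModes(EnumSet.of(SessionTrackingMode.COOKIE));
            ctx.getSessionCookieConfig().setHttpOnly(true); // not readable by page scripts
            ctx.getSessionCookieConfig().setSecure(true);   // sent over HTTPS only
        }
    }

    /** RBAC check: only sessions whose server-side role is "admin" reach /admin/*. */
    @WebFilter("/admin/*")
    public static class AdminOnlyFilter extends HttpFilter {
        @Override
        protected void doFilter(HttpServletRequest req, HttpServletResponse res,
                                FilterChain chain) throws IOException, ServletException {
            HttpSession session = req.getSession(false); // do not create a session here
            Object role = (session == null) ? null : session.getAttribute("role");
            if (role == null) {
                res.sendError(HttpServletResponse.SC_UNAUTHORIZED); // no logged-in session
            } else if (!"admin".equals(role)) {
                res.sendError(HttpServletResponse.SC_FORBIDDEN);    // logged in, wrong role
            } else {
                chain.doFilter(req, res); // role allowed: continue to the resource
            }
        }
    }
}
```

The role is read from the session on the server, so the client cannot change it by editing a cookie or a URL parameter.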
CONCLUSION

• Key Takeaways:
  • URL rewriting can manage sessions when cookies are disabled, but it has security risks.
  • Cookies are useful for lightweight, client-side storage, but have size and privacy limitations.
• Final Thought: Choose the appropriate session management technique based on the application's needs for security, data size, and browser compatibility.