Session Tracking Methods

The following answer is applicable, regardless of the language and platform used. To follow things up should be understood before entering the follow-up of the session.

What is a session?

A session is a conversation between the server and a client. A conversation consists of a series of requests and continuous responses.

Why should a session be maintained?

When there are a series of requests and continuous responses from the same client to a server, the server cannot identify which client is receiving requests. Because HTTP is a stateless protocol.

When it is necessary to maintain the conversation state, the session tracking will be necessary. For example, in a shopping cart application, a customer continues to add items to his cart using several requests. When each request is made, the server must identify in which customer cart the item should be added. Therefore, in this scenario, there is a need for session tracking.

The solution is that when a client makes a request, it must be submitted providing a unique identifier each time. There are five different methods to achieve this.

Session tracking methods:

1. User authorization

2. Hidden fields

3. URL rewriting

4. Cookies

5. Session tracking API

The first four methods are traditionally used for session tracking on all server-side technologies. The method of the session tracking API is provided by the underlying technology (Java servlet or PHP or in the same way). The session tracking API is built on the first four methods.

1. User authorization

Users can be authorized to use the web application in different ways. The basic concept is that the user will provide the username and password to access the application. Based on this, the user can be identified and the session can be maintained.

2. Hidden fields

<INPUT TYPE = "hidden" NAME = "technology" VALUE = "servlet" >>

Hidden fields like the previous one can be inserted into the Web pages and the information can be sent to the server for session tracking. These fields are not visible directly to the user, but can be viewed using the browsers' display source option. This type does not need any special configuration of the server's browser and, by default, is available for use in session tracking. This can not be used for session tracking when the conversation included static resources such as html pages.

3. URL Rewriting

Original URL: http: // server: port / servlet / ServletName

Rewritten URL: http: // server: port / servlet / ServletName? Sessionid = 7456

When a request is made, the additional parameter is attached to the URL. In general, the additional parameter added will be sessionid or, sometimes, the userid. It will be enough to track the session. This type of session tracking does not need any special browser support. The disadvantage is that implementing this type of session tracking is tedious. We need to keep control of the parameter as a link in the chain until the conversation is complete and also ensure that the parameter does not collide with other parameters of the application.

4. Cookies

Cookies are the most used technology for session tracking. Cookie is a pair of key value information, sent by the server to the browser. This must be saved by the browser in its space on the client computer. Whenever the browser sends a request to that server, it sends the cookie along with it. Then, the server can identify the customer through the cookie.

In the java, follow the fragment of the source code to create a cookie:

Cookie cookie = new Cookie ("userID", "7456");

res.addCookie (cookie);

Session tracking is easy to implement and maintain using cookies. The disadvantage is that users can choose to disable cookies using their browser preferences. In this case, the browser will not save the cookie on the client computer and the session tracking will fail.

5. Session tracking API

The session tracking API is built on the first four methods. This is in order to help the developer minimize the overhead of session tracking. This type of session tracking is provided by the underlying technology. Let's take the example of the Java servlet. Next, the servlet container manages the session control task and the user does not have to do it explicitly using the java servlets. This is the best of all methods, because all the administration and errors related to the session tracking will be handled by the container itself.

Each server client will be assigned with a javax.servlet.http.HttpSession object. Java servlets can use the session object to store and retrieve Java objects in the session. Session tracking is best when it is implemented through the session tracking API.

To getting expert-level training for Java Training in your location – java training in chennai | java training in bangalore  | java training in pune | java training in chennai | java training in bangalore | java training in tambaram | java training in omr | java training in velachery | java training in annanagar | java training in chennai | java training in marathahalli | java training in btm layout | java training in jayanagar | java training in chennai | java training in usa | For getting java online training | java online training