Handling session defines how session should be managed internally. Session is meant for keeping track of user's information which is required further for the next proceeding requests. Scope of a session is alive from its creation till user finishes its consequent requests for a particular task. With the introduction of HttpSession interface session is get destroyed either by calling invalidate() or by setting the timer using setMaxInactiveInterval(int seconds). Session management is completely at the developer level, Servlet Container is not at all responsible for it.
Session data can be handled or managed by following four way .
1. URL Re-writing. --> To know more about URL Rewriting Click here
2. Hidden Form Field --> To know more about Hidden Form Field Click here
3. Cookies --> To know more about Cookies Click here
4. HTTP Session --> To know more about HTTP Session Click here
Step by step evaluation of each session tracking mechanism
At very first URL Rewriting technique was used to handle all the required session data by the client for the next consequent requests. With its many advantages and one of the major advantage of keeping the session data visible to the end users to the requested URL, next technique i.e Hidden Form field comes into existence which over comes the problem of keeping data visible but was only possible with the HTML form elements, cannot be used in servlet requesting for another servlet. Then a class is designed termed as Cookie which is capable of carrying session data to the client machine which reduces the server traffic, but was client dependent. All the session data was stored in the client machine in the form of a cookie. If by mistaken it gets disabled or deleted then all the previous session data get destroyed, which is a big drawback. So to make it at the server side a new interface was designed i.e HttpSession which is capable of managing session data effectively using the session object.
Note:
*Cookie is a class and HttpSession is an interface.
*Internally, Web container is using cookie for storing the jsessionid generated with the creation of session object and uses URL rewriting for managing jsessionid in case if
a. cookie is get disabled in the client's browser
b. its get deleted from the client machine.
To know more about jsessionid --- > Click Here..!!
0 comments:
Post a Comment