Prentice Hall and Sun Microsystems. Personal use only; do not redistribute.
200
Chapter 9 Session Tracking
Cookies
You can use HTTP cookies to store information about a shopping session, and
each subsequent connection can look up the current session and then extract
information about that session from some location on the server machine.
For example, a servlet could do something like the following:
String sessionID = makeUniqueString();
Hashtable sessionInfo = new Hashtable();
Hashtable globalTable = findTableStoringSessions();
globalTable.put(sessionID, sessionInfo);
Cookie sessionCookie = new Cookie("JSESSIONID", sessionID);
sessionCookie.setPath("/");
response.addCookie(sessionCookie);
Then, in later requests the server could use the 
globalTable
 hash table to
associate a session ID from the 
JSESSIONID
 cookie with the 
sessionInfo
hash table of data associated with that particular session. This is an excellent
solution and is the most widely used approach for session handling. Still, it
would be nice to have a higher level API that handles some of these details.
Even though servlets have a high level and easy to use interface to cookies
(see Chapter 8), a number of relatively tedious details still need to be han 
dled in this case:
Extracting the cookie that stores the session identifier from the 
other cookies (there may be many cookies, after all)
Setting an appropriate expiration time for the cookie (sessions 
that are inactive for 24 hours probably should be reset)
Associating the hash tables with each request
Generating the unique session identifiers
Besides, due to real and perceived privacy concerns over cookies (see Sec 
tion 8.2), some users disable them. So, it would be nice to have alternative
implementation approaches in addition to a higher level protocol.
URL Rewriting
With this approach, the client appends some extra data on the end of each
URL that identifies the session, and the server associates that identifier
with data it has stored about that session. For example, with
http://host/path/file.html;jsessionid=1234
, the session information
is attached as 
jsessionid=1234
. This is also an excellent solution, and even
has the advantage that it works when browsers don't support cookies or when
Second edition of this book: www.coreservlets.com; Sequel: www.moreservlets.com.
Servlet and JSP training courses by book's author: courses.coreservlets.com.






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

jsp web hosting

 

Our partners: PHP: Hypertext Preprocessor Best Web Hosting Java Web Hosting Jsp Web Hosting Cheapest Web Hosting

Visionwebhosting.net Business web hosting division of Web Design Plus. All rights reserved