Session Tracking Lec 31

Upload: ezra-sullivan

Post on 14-Jan-2016


Page 1: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol  Every request is considered independent of every other request Many

Session Tracking Lec 31


Revisiting Session Tracking

HTTP is a stateless protocol

Every request is considered independent of every other request

Many web applications need to maintain a conversational state with the client

A shopping cart is a classic example


Store State Somewhere

Server Side?

Makes Server Really Complicated

State per client!

Client Side?


“Post-Notes”

Server puts little notes on the client side

When client submits the next form, it also (unknowingly) submits these little notes

Server reads the notes, remembers who the client is


Three Typical Solutions

Cookies

URL Rewriting

Hidden Fields


Handling Cookies


Potential of Cookies

Idea

Web server sends a simple name-value pair to client (web browser etc.)

Saved by the client

Later, the client returns the same name and value when it connects to the same site (or same domain, depending on cookie settings)


Potential of Cookies

Typical Uses of Cookies

Identifying a user during an e-commerce session

Servlets have a higher-level API for this task

Avoiding username and password

Customizing a site

Focused advertising


Sending Cookies to Browser

Create a Cookie object

Cookie c = new Cookie("name", "value");

Set the maximum age etc.

Cookie persists on disk

c.setMaxAge(seconds);
// Set other attributes.

Place the Cookie into the HTTP response

If you forget this step, no cookie will be sent to the browser

response.addCookie(c);


Reading Cookies from Browser

To read incoming cookies, get them from the request object

Cookie[] cookies = request.getCookies();

Once you have an array of cookies, you can iterate over it

Use getName and getValue to retrieve the cookie name and value respectively

// getCookies() returns null when the request carries no cookies
if (cookies != null) {
    for (int i = 0; i < cookies.length; i++) {
        Cookie c = cookies[i];
        if (c.getName().equals("someName")) {
            // doSomethingWith cookie
            break;
        }
    }
}


Example 1: RepeatVisitor

This servlet checks for a unique cookie, named “repeat”.

If the cookie is present, servlet says “Welcome Back”

Otherwise, servlet says “Welcome Aboard”.


Example Code: Repeat Visitor
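A servlet matching the RepeatVisitor description, combining the sending and reading steps from the earlier slides. This is an added example, not the lecture's own code: the URL pattern, the cookie value "yes", the one-year lifetime and the HttpOnly/Secure settings are assumptions, and it targets the javax.servlet 3.x API.

```java
import java.io.IOException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added example. Only the cookie name "repeat" and the two greetings come
// from the slide; the URL pattern and cookie attributes are assumptions.
@WebServlet("/repeat-visitor")
public class RepeatVisitor extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        boolean returning = false;
        // getCookies() returns null, not an empty array, when no cookie was sent.
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie c : cookies) {
                // Only presence is checked; the client-controlled value is never used.
                if ("repeat".equals(c.getName())) {
                    returning = true;
                    break;
                }
            }
        }
        if (!returning) {
            Cookie c = new Cookie("repeat", "yes");
            c.setMaxAge(60 * 60 * 24 * 365);  // persist on disk for one year
            c.setHttpOnly(true);              // not readable from page scripts
            c.setSecure(request.isSecure());  // HTTPS-only when served over HTTPS
            response.addCookie(c);            // without this call no cookie is sent
        }
        response.setContentType("text/html;charset=UTF-8");
        response.getWriter().println("<html><body><h1>"
                + (returning ? "Welcome Back" : "Welcome Aboard") + "</h1></body></html>");
    }
}
```

Because the browser can add, change or delete this cookie at will, its presence is suitable for a greeting but not for any access decision.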


Using Cookies to Detect First-Time Visitors (Results)


HTTP Cookies

// On first response: create a per-client table and register it under a new ID
String sID = makeUniqueString();
Hashtable sessionInfo = new Hashtable();
Hashtable globalTable = findTableStoringSessions();
globalTable.put(sID, sessionInfo);
// Send the ID to the browser as a cookie
Cookie sessionCookie = new Cookie("JSESSIONID", sID);
response.addCookie(sessionCookie);

1239865610

Credit: cs193i at Stanford


JSESSIONID → 1239865610


Set-Cookie: JSESSIONID=1239865610;


HTTP Cookies

Cookie: JSESSIONID=1239865610;

// On request
String sID = getCookieValue("JSESSIONID");
Hashtable globalTable = findTableStoringSessions();
Hashtable sInfo = (Hashtable) globalTable.get(sID);
// sInfo contains the data related to the user (null if the ID is not in the table)

Credit: cs193i at Stanford
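The exchange on the HTTP Cookies slides, end to end, as an added example that is not from the lecture or cs193i. It substitutes SecureRandom for makeUniqueString() and a ConcurrentHashMap for the Hashtable; the class name, method names and the cookie attributes (Path, HttpOnly, Secure, SameSite) are assumptions.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class SessionTableDemo {
    // Plays the role of the slides' globalTable: session ID -> per-user data.
    static final Map<String, Map<String, Object>> SESSIONS = new ConcurrentHashMap<>();
    static final SecureRandom RNG = new SecureRandom();

    // Stand-in for makeUniqueString(): 128 random bits, URL-safe encoded, so
    // one ID reveals nothing about any other ID the server has issued.
    static String newSessionId() {
        byte[] raw = new byte[16];
        RNG.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    // First response: register the session and build the Set-Cookie value.
    static String startSession() {
        String sID = newSessionId();
        SESSIONS.put(sID, new ConcurrentHashMap<>());
        return "JSESSIONID=" + sID + "; Path=/; HttpOnly; Secure; SameSite=Lax";
    }

    // Later request: extract JSESSIONID from the Cookie header and look it up.
    // Returns null for a missing, malformed or unknown ID ("no session").
    static Map<String, Object> lookup(String cookieHeader) {
        if (cookieHeader == null) return null;
        for (String pair : cookieHeader.split(";")) {
            String[] kv = pair.trim().split("=", 2);
            if (kv.length == 2 && kv[0].equals("JSESSIONID")) {
                return SESSIONS.get(kv[1]);
            }
        }
        return null;
    }

    public static void main(String[] args) {
        String setCookie = startSession();
        System.out.println("Set-Cookie: " + setCookie);
        // The browser sends back only the name=value part.
        String cookieHeader = setCookie.substring(0, setCookie.indexOf(';'));
        lookup(cookieHeader).put("cart", "1 book");
        System.out.println("issued ID  -> " + lookup(cookieHeader));
        // Constructed request carrying an ID this server never issued.
        System.out.println("unknown ID -> " + lookup("JSESSIONID=1239865610"));
    }
}
```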


Example: Online Book Store using cookies

NetBeans project - CookieSessionEx