{"id":3455,"date":"2020-06-01T18:22:08","date_gmt":"2020-06-01T12:52:08","guid":{"rendered":"https:\/\/www.h2kinfosys.com\/blog\/?p=3455"},"modified":"2020-06-01T18:22:10","modified_gmt":"2020-06-01T12:52:10","slug":"what-is-session-management","status":"publish","type":"post","link":"https:\/\/www.h2kinfosys.com\/blog\/what-is-session-management\/","title":{"rendered":"What is Session Management?"},"content":{"rendered":"\n<p>Session management is used to store session information of a user. It is also known as Session tracking. Session Management is used to maintain the state of a user because the<a href=\"https:\/\/www.h2kinfosys.com\/blog\/what-is-servlet-communication\/\"> HTTP protocol is stateless<\/a>. Every request made to the server by the user, it is considered as a new request. Hence, it becomes essential to store the session information to recognize the user.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Session Tracking Techniques:<\/strong><\/h2>\n\n\n\n<p>Session Tracking is done using the below four techniques:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Cookies<\/li><li>Hidden Form Field<\/li><li>URL Rewriting<\/li><li><a href=\"https:\/\/www.h2kinfosys.com\/blog\/what-are-the-attributes-in-servlet\/\">HttpSession<\/a><\/li><\/ol>\n\n\n\n<h4 class=\"wp-block-heading\">1] <strong>Cookies:<\/strong><\/h4>\n\n\n\n<p>Cookies are a small piece of information that is sent by the server along with the response and is stored on the client\u2019s system. There are two types of cookies:\u00a0<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Non-persistent cookie: These cookies are valid for only a single session, and cookies will be removed when the user closes the browser.<\/li><li>Persistent cookie: These cookies are valid for multiple sessions and cookies will not be removed when the user close the browser. Cookies will only remove when the user log out\/sign out.<\/li><\/ul>\n\n\n\n<p><strong>Methods used in Cookie Class:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>public void setMaxAge(int expiry): This will set the maximum age of the cookie in seconds.<\/li><li>public String getName(): This method will return the name of the cookie and the name cannot be changed after it has been created.<\/li><li>public String getValue(): It returns the value of the cookie.<\/li><li>public void setName(String name): This is used to change the name of the cookie.<\/li><li>public void setValue(String value): This is used to change the value of the cookie.<\/li><li>public void addCookie(Cookie ck): This method of HttpServletResponse interface is used to add cookie in response object.<\/li><li>public Cookie[] getCookies(): This method of HttpServletRequest interface is used to return all the cookies from the browser.<\/li><\/ul>\n\n\n\n<p><em><strong>Example:<\/strong> <strong>Index.html<\/strong><\/em><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;form method=\"post\" action=\"validate\"&gt;\n&nbsp;&nbsp;&nbsp;&nbsp;Name:&lt;input type=\"text\" name=\"user\" \/&gt;&lt;br\/&gt;\n&nbsp;&nbsp;&nbsp;&nbsp;Password:&lt;input type=\"text\" name=\"pass\" &gt;&lt;br\/&gt;\n&nbsp;&nbsp;&nbsp;&nbsp;&lt;input type=\"submit\" value=\"submit\"&gt;\n&lt;\/form&gt;<\/pre>\n\n\n\n<p><strong><em>MyServlet.java<\/em><\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">import java.io.*;\nimport javax.servlet.*;\nimport javax.servlet.http.*;\n\npublic class MyServlet extends HttpServlet {\n&nbsp;&nbsp;protected void doPost(HttpServletRequest request, HttpServletResponse response)\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throws ServletException, IOException {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.setContentType(\"text\/html;charset=UTF-8\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String name = request.getParameter(\"user\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String pass = request.getParameter(\"pass\");&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if(pass.equals(\"1234\"))\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;{\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Cookie ck = new Cookie(\"username\", name);\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.addCookie(ck);\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.sendRedirect(\"First\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}\n&nbsp;&nbsp;&nbsp;&nbsp;}\n}<\/pre>\n\n\n\n<p><strong><em>First.java<\/em><\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">import java.io.*;\nimport javax.servlet.*;\nimport javax.servlet.http.*;\n&nbsp;public class First extends HttpServlet {\n&nbsp;&nbsp;protected void doGet(HttpServletRequest request, HttpServletResponse response)\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throws ServletException, IOException {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.setContentType(\"text\/html;charset=UTF-8\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PrintWriter out = response.getWriter();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Cookie[] cks = request.getCookies();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;out.println(\"Welcome \"+ cks[0].getValue());\n&nbsp;&nbsp;&nbsp;&nbsp;}\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>2] Hidden Form Field:<\/strong><\/h4>\n\n\n\n<p>In Hidden form Field, a hidden text field is used to maintain the session information.<\/p>\n\n\n<p>[box type=&#8221;info&#8221; align=&#8221;&#8221; class=&#8221;&#8221; width=&#8221;&#8221;]Syntax: <strong>&lt;input type=&#8221;hidden&#8221; name=&#8221;uname&#8221; value=&#8221;ABC&#8221;&gt;<\/strong>\u00a0\u00a0[\/box]<\/p>\n\n\n<p>Hidden form Field always work whether cookies are enable or not and are maintained at sever side.<\/p>\n\n\n\n<p><strong>Example:<\/strong><\/p>\n\n\n\n<p><strong>First.java<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">import java.io.*;\nimport javax.servlet.*;\nimport javax.servlet.http.*;\npublic class First extends HttpServlet {\n&nbsp;&nbsp;protected void doPost(HttpServletRequest request, HttpServletResponse response)\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throws ServletException, IOException {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.setContentType(\"text\/html;charset=UTF-8\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PrintWriter out = response.getWriter();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\n\/\/getting value submitted in form from HTML file\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String user = request.getParameter(\"user\");&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\/\/creating a new hidden form field\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;out.println(\"&lt;form action='Second'&gt;\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;out.println(\"&lt;input type='hidden' name='user' value='\"+user+\"'&gt;\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;out.println(\"&lt;input type='submit' value='submit' &gt;\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;out.println(\"&lt;\/form&gt;\");\n&nbsp;&nbsp;&nbsp;&nbsp;}\n}<\/pre>\n\n\n\n<p><strong><em>Second.java<\/em><\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">import java.io.*;\nimport javax.servlet.*;\nimport javax.servlet.http.*;\npublic class Second extends HttpServlet {\n&nbsp;&nbsp;protected void doGet(HttpServletRequest request, HttpServletResponse response)\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throws ServletException, IOException {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.setContentType(\"text\/html;charset=UTF-8\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PrintWriter out = response.getWriter();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\/\/getting parameter from the hidden field\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String user = request.getParameter(\"user\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;out.println(\"Welcome \"+user);\n&nbsp;&nbsp;&nbsp;&nbsp;}\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>3] URL Rewriting<\/strong><\/h4>\n\n\n\n<p>In <a href=\"https:\/\/en.wikipedia.org\/wiki\/Rewrite_engine\" rel=\"nofollow noopener\" target=\"_blank\">URL Rewriting<\/a> a token or an identifier is added to the URL of the next Servlet Request. This token or identifier contains value in the form of name\/value pairs separated by equal ( = ) sign.<\/p>\n\n\n<p>[box type=&#8221;info&#8221; align=&#8221;&#8221; class=&#8221;&#8221; width=&#8221;&#8221;]Syntax: url?name1=value1&amp;name2=value2&amp;?? [\/box]<\/p>\n\n\n<p>It will also work whether a cookie is enable or not. The main disadvantage of URL Rewriting approach is that it only works with the links.<\/p>\n\n\n\n<p><strong>Example<\/strong><\/p>\n\n\n\n<p><strong><em>MyServlet.java<\/em><\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">import java.io.*;\nimport javax.servlet.*;\nimport javax.servlet.http.*;\npublic class MyServlet extends HttpServlet {\n&nbsp;&nbsp;protected void doPost(HttpServletRequest request, HttpServletResponse response)\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throws ServletException, IOException {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.setContentType(\"text\/html;charset=UTF-8\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String name = request.getParameter(\"user\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String pass = request.getParameter(\"pass\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if(pass.equals(\"1234\"))\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;{\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.sendRedirect(\"First?user_name=\"+ name);\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}\n&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;&nbsp;&nbsp;\n}<\/pre>\n\n\n\n<p><strong><em>First.java<\/em><\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">import java.io.*;\nimport javax.servlet.*;\nimport javax.servlet.http.*;\npublic class First extends HttpServlet {\n&nbsp;&nbsp;protected void doGet(HttpServletRequest request, HttpServletResponse response)\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throws ServletException, IOException {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.setContentType(\"text\/html;charset=UTF-8\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PrintWriter out = response.getWriter();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String user = request.getParameter(\"user_name\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;out.println(\"Welcome \"+user);\n&nbsp;&nbsp;&nbsp;&nbsp;}\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>4] HttpSession<\/strong><\/h4>\n\n\n\n<p>In HttpSession web container creates a session id for each user which is then used to identify the user. HttpSession are used to perform two tasks:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>bind the objects.<\/li><li>View and change the information about a session such as session id, creation time, etc.<\/li><\/ol>\n\n\n\n<p><strong>Methods used in HttpSession:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>public HttpSession getSession(): It will return the current session associated with the request, and if the request does not have any session then it will create one.<\/li><li>public HttpSession getSession(boolean create): It will return the current HttpSession associated with this request, and if there is no current session established and value of create is true it will then returns a new session.<\/li><li>public String getId(): It will return a string containing the unique identifier value.<\/li><li>public long getCreationTime(): It returns the time when this session was created.<\/li><li>public long getLastAccessedTime(): It returns the last time the client sent a request associated.<\/li><li>public void invalidate(): It will invalidate the session and then unbinds any objects which are bound to it.<\/li><\/ul>\n\n\n\n<p><strong>Example:<\/strong><\/p>\n\n\n\n<p><strong><em>Validate.java<\/em><\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">import java.io.*;\nimport javax.servlet.*;\nimport javax.servlet.http.*;\npublic class Validate extends HttpServlet {\n&nbsp;&nbsp;&nbsp;&nbsp;protected void doPost(HttpServletRequest request, HttpServletResponse response)\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throws ServletException, IOException {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.setContentType(\"text\/html;charset=UTF-8\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String name = request.getParameter(\"user\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String pass = request.getParameter(\"pass\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if(pass.equals(\"1234\"))\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;{\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\/\/creating a session\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;HttpSession session = request.getSession();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;session.setAttribute(\"user\", name);\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.sendRedirect(\"Welcome\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;}\n&nbsp;&nbsp;&nbsp;&nbsp;}\n}<\/pre>\n\n\n\n<p><strong><em>Welcome.java<\/em><\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">import java.io.*;\nimport javax.servlet.*;\nimport javax.servlet.http.*;\npublic class Welcome extends HttpServlet {\n&nbsp;&nbsp;&nbsp;&nbsp;protected void doGet(HttpServletRequest request, HttpServletResponse response)\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;throws ServletException, IOException {\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;response.setContentType(\"text\/html;charset=UTF-8\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PrintWriter out = response.getWriter();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;HttpSession session = request.getSession();\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;String user = (String)session.getAttribute(\"user\");\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;out.println(\"Hello \"+user);\n&nbsp;&nbsp;&nbsp;&nbsp;}\n}<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Session management is used to store session information of a user. It is also known as Session tracking. Session Management is used to maintain the state of a user because the HTTP protocol is stateless. Every request made to the server by the user, it is considered as a new request. Hence, it becomes essential [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3462,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[42],"tags":[862,863,865,860,861,864],"class_list":["post-3455","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-java-tutorials","tag-cookies","tag-hidden-form-field","tag-httpsession","tag-session-management","tag-session-tracking-techniques","tag-url-rewriting"],"_links":{"self":[{"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/posts\/3455","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/comments?post=3455"}],"version-history":[{"count":0,"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/posts\/3455\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/media\/3462"}],"wp:attachment":[{"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/media?parent=3455"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/categories?post=3455"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.h2kinfosys.com\/blog\/wp-json\/wp\/v2\/tags?post=3455"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}