Using cookies and sessions
By Sana Mateen
Cookie vs session
Cookie
• A cookie is a small piece of text stored on a user's computer by their browser. Common uses for cookies are authentication, storing of site preferences, shopping cart items, and server session identification.
• Each time the user's web browser interacts with a web server it will pass the cookie information to the web server. Only the cookies stored by the browser that relate to the domain in the requested URL will be sent to the server. This means that cookies that relate to www.example.com will not be sent to www.exampledomain.com.
• In essence, a cookie is a great way of linking one page to the next for a user's interaction with a web site or web application.
• By default, each request is considered as a new request.
• In the cookie technique, we add a cookie to the response from the servlet, so the cookie is stored in the cache of the browser.
• After that, if a request is sent by the user, the cookie is added to the request by default.
• Thus, we recognize the user as the old user.
Session
• A session can be defined as server-side storage of information that is desired to persist throughout the user's interaction with the web site or web application.
• Instead of storing large and constantly changing information via cookies in the user's browser, only a unique identifier is stored on the client side (called a "session id"). This session id is passed to the web server every time the browser makes an HTTP request (i.e. a page link or AJAX request). The web application pairs this session id with its internal database and retrieves the stored variables for use by the requested page.
• For example, Flipkart uses a session to maintain the details of various products selected by its customers, which is called the cart.
• Session tracking is a way to maintain the state (data) of a user. It is also known as session management in servlets.
Cookies in servlets
• A cookie is a small piece of information that is persisted between multiple client requests.
• Advantages of cookies
  • Simplest technique of maintaining the state.
  • Cookies are maintained at the client side.
• Disadvantages of cookies
  • They will not work if cookies are disabled in the browser.
  • Only textual information can be set in a Cookie object.
• Gmail uses the cookie technique for login. If you disable cookies, Gmail won't work.
Sessions
• The Servlet API provides session management through the HttpSession interface. We can get the session from the HttpServletRequest object using the following methods. HttpSession allows us to set objects as attributes that can be retrieved in future requests.
  • HttpSession getSession() – This method always returns an HttpSession object. It returns the session object attached to the request; if the request has no session attached, it creates a new session and returns it.
  • HttpSession getSession(boolean flag) – This method returns the HttpSession object if the request has a session; otherwise it returns null.
• Some of the important methods of HttpSession are:
  • String getId() – Returns a string containing the unique identifier assigned to this session.
  • Object getAttribute(String name) – Returns the object bound with the specified name in this session, or null if no object is bound under the name. Some other methods to work with session attributes are getAttributeNames(), removeAttribute(String name) and setAttribute(String name, Object value).
  • long getCreationTime() – Returns the time when this session was created, measured in milliseconds since midnight January 1, 1970 GMT. We can get the last accessed time with the getLastAccessedTime() method.
  • setMaxInactiveInterval(int interval) – Specifies the time, in seconds, between client requests before the servlet container will invalidate this session. We can get the session timeout value from the getMaxInactiveInterval() method.
  • ServletContext getServletContext() – Returns the ServletContext object for the application.
  • boolean isNew() – Returns true if the client does not yet know about the session or if the client chooses not to join the session.
  • void invalidate() – Invalidates this session, then unbinds any objects bound to it.
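The methods listed above, combined into a login/logout pattern that issues a fresh session id at authentication and keeps user state on the server. This is an added example, not code from the original slides. The class name SessionGuard, the attribute name "user", the cookie name "theme" and the 15-minute idle timeout are assumptions, and the imports use the javax.servlet packages (newer containers use jakarta.servlet).

```java
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/** Hypothetical helper (not from the slides) built on the HttpSession methods above. */
public final class SessionGuard {
    private static final String USER_ATTR = "user";          // assumed attribute name
    private static final String PREF_COOKIE = "theme";       // assumed preference cookie
    private static final int IDLE_TIMEOUT_SECONDS = 15 * 60; // assumed policy

    private SessionGuard() {}

    /** Call only after the application has verified the user's credentials. */
    public static HttpSession login(HttpServletRequest req, String username) {
        // getSession(false) never creates a session; it returns null when
        // the request carries no valid session id.
        HttpSession old = req.getSession(false);
        if (old != null) {
            // Drop the pre-login session so an id that existed before
            // authentication is never promoted to a logged-in one.
            old.invalidate();
        }
        HttpSession fresh = req.getSession(true);   // container issues a new id
        fresh.setMaxInactiveInterval(IDLE_TIMEOUT_SECONDS);
        fresh.setAttribute(USER_ATTR, username);    // state stays on the server
        return fresh;
    }

    /** Returns the logged-in user, or null, without creating a session. */
    public static String currentUser(HttpServletRequest req) {
        HttpSession s = req.getSession(false);
        return s == null ? null : (String) s.getAttribute(USER_ATTR);
    }

    /** Stores a non-sensitive preference in a cookie; secrets belong in the session. */
    public static void rememberTheme(HttpServletResponse resp, String theme) {
        Cookie c = new Cookie(PREF_COOKIE, theme);  // value must be a plain token
        c.setHttpOnly(true);                        // not readable from page scripts
        c.setSecure(true);                          // sent over HTTPS only
        c.setPath("/");
        c.setMaxAge(30 * 24 * 60 * 60);             // 30 days, in seconds
        resp.addCookie(c);
    }

    /** Logout: invalidate() unbinds every attribute and retires the session id. */
    public static void logout(HttpServletRequest req) {
        HttpSession s = req.getSession(false);
        if (s != null) s.invalidate();
    }
}
```

Using getSession(false) in currentUser() and logout() avoids creating an empty session for every anonymous request, which getSession() would do.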
home.html, index.html, op.html, res.html (slide titles only; the slide contents were not captured)