Maintaining Sessions

HTTP Protocol
HTTP is called as a stateless protocol because each command is request is executed independently, without any knowledge of the requests that were executed before it.

HTTP Request Methods:

GET Method: The Get method is used to getting the data from the server . Get method appends the parameters passed as query string to a URL, in the form of key- value pairs. POST Method: The post method is used for sending data to the server. In post method the query string is appended along the request object, they do not get appended in the URL, so parameters transfer in hidden form

HTTP Request Methods:

HEAD Method: When a user wants to know about the headers, like MIME types, charset, Content- Length then we use Head method. With this no body content is returned. TRACE Method: Trace on the jsp resource returns the content of the resource. Asks for a loopback of the request message, so that the use can see what is being recieved on the other side

HTTP Request Methods:

DELETE Method: It is used for delete the resources, files at the requested URL OPTIONS Method: It lists the Http methods to which the thing at the requested URL can respond. PUT Method: It put the enclosed information at the requestedURL. CONNECT Method: It connects for the purpose of tunneling.

 Http protocol is not reliable when we are doing any type of transactions or any other related work where persistence of the information is necessary. To remove these obstacles we use session management. In session management whenever a request comes for any resource, a unique token is generated by the server and transmitted to the client by the response object and stored on the client machine as a cookie.

 Session IDs are used to uniquely identify a client browser, while the server side processes are used to associate the session ID with a level of access. Thus, once a client has successfully authenticated to the web applicatiion, the session ID can be used as a stored authentication voucher so that the client does not have to retype their login information with each page request

Session management can be achieved by using the following thing:

Cookies: cookies are small bits of textual information that a web server sends to a browser and that browsers returns the cookie when it visits the same site again. In cookie the information is stored in the form of a name, value pair. By default the cookie is generated. If the user doesn't want to use cookies then it can disable them. URL rewriting: In URL rewriting we append some extra information on the end of each URL that identifies the session. This URL rewriting can be used where a cookie is disabled. It is a good practice to use URL rewriting. In this session ID information is embedded in the URL, which is recieved by the application through Http GET requests when the client clicks on the links embedded with a page.

 Hidden form fields: In hidden form fields the html entry will be like this : <input type ="hidden" name = "name" value="">. This means that when you submit the form, the specified name and value will be get included in get or post method. In this session ID information would be embedded within the form as a hidden field and submitted with the Http POST command. In JSP we have been provided a implicit object session so we don't need to create a object of session explicitly as we do in Servlets. In Jsp the session is by default true. The session is defined inside the directive <%@ page session = "true/false" %>. If we don't declare it inside the jsp page then session will be available to the page, as it is default by true.

URLRewriting
URLRewriting can be used in place where we don't want to use cookies. It is used to maintain the session. Whenever the browser sends a request then it is always interpreted as a new request because http protocol is a stateless protocol as it is not persistent. Whenever we want that out request object to stay alive till we decide to end the request object then, there we use the concept of session tracking URLRewriting can be used where we the cookies are disabled. Its a good practice to use URL Rewriting. In URLRewriting a string is appended

Hidden Form Fields

Hidden form field is used to maintain the session. It is one of the way to maintain the session. In hidden form fields the html entry will be like this : <input type ="hidden" name = "name" value="">. This means that when you submit the form, the specified name and value will be get included in get or post method. In this session ID information would be embedded within the form as a hidden field and submitted with the http post command.