session tracking lec 31. revisiting session tracking http is a stateless protocol every request is...
TRANSCRIPT
![Page 1: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/1.jpg)
Session TrackingLec 31
![Page 2: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/2.jpg)
Revisiting Session Tracking
HTTP is a stateless protocol Every request is considered independent of every other
request
Many web applications need to maintain a conversational state with the client A shopping cart is a classic example
![Page 3: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/3.jpg)
Store State Somewhere
Server Side? Makes Server Really Complicated State per client!
Client Side?
![Page 4: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/4.jpg)
“Post-Notes”
Server puts little notes on the client side
When client submits the next form, it also (unknowingly) submits these little notes
Server reads the notes, remembers who the client is
![Page 5: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/5.jpg)
Three Typical Solutions
Cookies
URL Rewriting
Hidden Fields
![Page 6: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/6.jpg)
Handling Cookies
![Page 7: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/7.jpg)
Potential of Cookies
Idea
Web server sends a simple name-value pair to client (web browser etc.)
Saved by the client
Later, Client returns same name and value when it connects to same site (or same domain, depending on cookie settings)
![Page 8: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/8.jpg)
Potential of Cookies
Typical Uses of Cookies
Identifying a user during an e-commerce session Servlets have a higher-level API for this task
Avoiding username and password
Customizing a site
Focused advertising
![Page 9: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/9.jpg)
Sending Cookies to Browser Create a Cookie object
Cookie c = new Cookie("name", "value");
Set the Maximum age etc Cookie persists on disk
c.setMaxAge(seconds);
// Set other attributes.
Place the Cookie into HTTP response If you forget this step, no cookie will be sent to the browser
response.addCookie(c);
![Page 10: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/10.jpg)
Reading Cookies from Browser To read incoming cookies, get them from request object
Cookie[] cookies = request.getCookies();
Once you have an array of cookies, you can iterate over it Use getName and getValue to retrieve cookie name & value
respectively
for(int i=0; i<cookies.length; i++) {
Cookie c = cookies[i]; if (c.getName().equals("someName")){ // doSomethingWith cookie break; } }
![Page 11: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/11.jpg)
Example 1: RepeatVisitor
This servlet checks for a unique cookie, named “repeat”. If the cookie is present, servlet says “Welcome
Back” Otherwise, servlet says “Welcome Aboard”.
![Page 12: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/12.jpg)
Example CodeRepeat Visitor
![Page 13: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/13.jpg)
Using Cookies to Detect First-Time Visitors (Results)
![Page 14: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/14.jpg)
HTTP Cookies
String sID = makeUniqueString();Hashtable sessionInfo = new Hashtable();Hashtable globalTable = findTableStoringSessions();globalTable.put(sID, sessionInfo);Cookie sessionCookie = new Cookie("JSESSIONID", sID);response.addCookie(sessionCookie);
1239865610
Credit: cs193i at Standford
![Page 15: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/15.jpg)
HTTP Cookies
String sID = makeUniqueString();Hashtable sessionInfo = new Hashtable();Hashtable globalTable = findTableStoringSessions();globalTable.put(sID, sessionInfo);Cookie sessionCookie = new Cookie("JSESSIONID", sID);response.addCookie(sessionCookie);
1239865610
Credit: cs193i at Standford
![Page 16: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/16.jpg)
HTTP Cookies
String sID = makeUniqueString();Hashtable sessionInfo = new Hashtable();Hashtable globalTable = findTableStoringSessions();globalTable.put(sID, sessionInfo);Cookie sessionCookie = new Cookie("JSESSIONID", sID);response.addCookie(sessionCookie);
1239865610
Credit: cs193i at Standford
![Page 17: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/17.jpg)
HTTP Cookies
String sID = makeUniqueString();Hashtable sessionInfo = new Hashtable();Hashtable globalTable = findTableStoringSessions();globalTable.put(sID, sessionInfo);Cookie sessionCookie = new Cookie("JSESSIONID", sID);response.addCookie(sessionCookie);
1239865610
Credit: cs193i at Standford
![Page 18: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/18.jpg)
HTTP Cookies
String sID = makeUniqueString();Hashtable sessionInfo = new Hashtable();Hashtable globalTable = findTableStoringSessions();globalTable.put(sID, sessionInfo);Cookie sessionCookie = new Cookie("JSESSIONID", sID);response.addCookie(sessionCookie);
1239865610
JSESSIONID → 1239865610
Credit: cs193i at Standford
![Page 19: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/19.jpg)
HTTP Cookies
String sID = makeUniqueString();Hashtable sessionInfo = new Hashtable();Hashtable globalTable = findTableStoringSessions();globalTable.put(sID, sessionInfo);Cookie sessionCookie = new Cookie("JSESSIONID", sID);response.addCookie(sessionCookie);
1239865610
Set-Cookie: JSESSIONID=1239865610;
Credit: cs193i at Standford
![Page 20: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/20.jpg)
HTTP Cookies
Cookie: JSESSIONID=1239865610;
// On request
String sID = getCookieValue("JSESSIONID");Hashtable globalTable = findTableStoringSessions();Hashtable sInfo = (Hashtable) globalTable.get(sID);
// sInfo contains the data related to user Credit: cs193i at Standford
![Page 21: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/21.jpg)
HTTP Cookies
Cookie: JSESSIONID=1239865610;
// On request
String sID = getCookieValue("JSESSIONID");Hashtable globalTable = findTableStoringSessions();Hashtable sInfo = (Hashtable) globalTable.get(sID);
// sInfo contains the data related to user Credit: cs193i at Standford
![Page 22: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/22.jpg)
HTTP Cookies
Cookie: JSESSIONID=1239865610;
1239865610
// On request
String sID = getCookieValue("JSESSIONID");Hashtable globalTable = findTableStoringSessions();Hashtable sInfo = (Hashtable) globalTable.get(sID);
// sInfo contains the data related to user Credit: cs193i at Standford
![Page 23: Session Tracking Lec 31. Revisiting Session Tracking HTTP is a stateless protocol Every request is considered independent of every other request Many](https://reader036.vdocument.in/reader036/viewer/2022070411/56649f575503460f94c7c368/html5/thumbnails/23.jpg)
Example : Online Book Storeusing cookies
netBeans project -CookieSessionEx