2005 Marty Hall Session Tracking 2 JSP Servlet

  • Slides: 26
Download presentation
© 2005 Marty Hall Session Tracking 2 JSP, Servlet, Struts, JSF & Java Training:

© 2005 Marty Hall Session Tracking 2 JSP, Servlet, Struts, JSF & Java Training: http: //courses. coreservlets. com J 2 EE Books from Sun Press: http: //www. coreservlets. com

Agenda • • • 3 • • Implementing session tracking from scratch Using basic

Agenda • • • 3 • • Implementing session tracking from scratch Using basic session tracking Understanding the session-tracking API Differentiating between server and browser sessions Encoding URLs Storing immutable objects vs. storing mutable objects Tracking user access counts Accumulating user purchases Implementing a shopping cart Building an online store J 2 EE training: http: //courses. coreservlets. com

Session Tracking and E-Commerce • Why session tracking? – When clients at on-line store

Session Tracking and E-Commerce • Why session tracking? – When clients at on-line store add item to their shopping cart, how does server know what’s already in cart? – When clients decide to proceed to checkout, how can server determine which previously created cart is theirs? Dilbert used with permission of United Syndicates Inc. 4 J 2 EE training: http: //courses. coreservlets. com

Rolling Your Own Session Tracking: Cookies • Idea: associate cookie with data on server

Rolling Your Own Session Tracking: Cookies • Idea: associate cookie with data on server String session. ID = make. Unique. String(); Hash. Map session. Info = new Hash. Map(); Hash. Map global. Table = find. Table. Storing. Sessions(); global. Table. put(session. ID, session. Info); Cookie session. Cookie = new Cookie("JSESSIONID", session. ID); session. Cookie. set. Path("/"); response. add. Cookie(session. Cookie); • Still to be done: 5 – – Extracting cookie that stores session identifier Setting appropriate expiration time for cookie Associating the hash tables with each request Generating the unique session identifiers J 2 EE training: http: //courses. coreservlets. com

Rolling Your Own Session Tracking: URL-Rewriting • Idea – Client appends some extra data

Rolling Your Own Session Tracking: URL-Rewriting • Idea – Client appends some extra data on the end of each URL that identifies the session – Server associates that identifier with data it has stored about that session – E. g. , http: //host/path/file. html; jsessionid=1234 • Advantage – Works even if cookies are disabled or unsupported • Disadvantages – Must encode all URLs that refer to your own site – All pages must be dynamically generated – Fails for bookmarks and links from other sites 6 J 2 EE training: http: //courses. coreservlets. com

Rolling Your Own Session Tracking: Hidden Form Fields • Idea: <INPUT TYPE="HIDDEN" NAME="session" VALUE=".

Rolling Your Own Session Tracking: Hidden Form Fields • Idea: <INPUT TYPE="HIDDEN" NAME="session" VALUE=". . . "> • Advantage – Works even if cookies are disabled or unsupported • Disadvantages – Lots of tedious processing – All pages must be the result of form submissions 7 J 2 EE training: http: //courses. coreservlets. com

Session Tracking in Java • Session objects live on the server • Sessions automatically

Session Tracking in Java • Session objects live on the server • Sessions automatically associated with client via cookies or URL-rewriting – Use request. get. Session to get session • Behind the scenes, the system looks at cookie or URL extra info and sees if it matches the key to some previously stored session object. If so, it returns that object. If not, it creates a new one, assigns a cookie or URL info as its key, and returns that new session object. • Hashtable-like mechanism lets you store arbitrary objects inside session – set. Attribute stores values – get. Attribute retrieves values 8 J 2 EE training: http: //courses. coreservlets. com

Session Tracking Basics • Access the session object – Call request. get. Session to

Session Tracking Basics • Access the session object – Call request. get. Session to get Http. Session object • This is a hashtable associated with the user • Look up information associated with a session. – Call get. Attribute on the Http. Session object, cast the return value to the appropriate type, and check whether the result is null. • Store information in a session. – Use set. Attribute with a key and a value. • Discard session data. 9 – Call remove. Attribute discards a specific value. – Call invalidate to discard an entire session. J 2 EE training: http: //courses. coreservlets. com

Session Tracking Basics: Sample Code Http. Session session = request. get. Session(); Some. Class

Session Tracking Basics: Sample Code Http. Session session = request. get. Session(); Some. Class value = (Some. Class)session. get. Attribute("some. ID"); if (value == null) { value = new Some. Class(. . . ); session. set. Attribute("some. ID", value); } do. Something. With(value); – Do not need to call set. Attribute again (after modifying value) if the modified value is the same object. But, if value is immutable, modified value will be a new object reference, and you must call set. Attribute again. 10 J 2 EE training: http: //courses. coreservlets. com

What Changes if Server Uses URL Rewriting? • Session tracking code: – No change

What Changes if Server Uses URL Rewriting? • Session tracking code: – No change • Code that generates hypertext links back to same site: – Pass URL through response. encode. URL. • If server is using cookies, this returns URL unchanged • If server is using URL rewriting, this appends the session info to the URL • E. g. : String url = "order-page. html"; url = response. encode. URL(url); • Code that does send. Redirect to own site: – Pass URL through response. encode. Redirect. URL 11 J 2 EE training: http: //courses. coreservlets. com

Http. Session Methods • get. Attribute – Extracts a previously stored value from a

Http. Session Methods • get. Attribute – Extracts a previously stored value from a session object. Returns null if no value is associated with given name. • set. Attribute – Associates a value with a name. Monitor changes: values implement Http. Session. Binding. Listener. • remove. Attribute – Removes values associated with name. • get. Attribute. Names – Returns names of all attributes in the session. • get. Id – Returns the unique identifier. 12 J 2 EE training: http: //courses. coreservlets. com

Http. Session Methods (Continued) • is. New – Determines if session is new to

Http. Session Methods (Continued) • is. New – Determines if session is new to client (not to page) • get. Creation. Time – Returns time at which session was first created • get. Last. Accessed. Time – Returns time at which session was last sent from client • get. Max. Inactive. Interval, set. Max. Inactive. Interval – Gets or sets the amount of time session should go without access before being invalidated • invalidate – Invalidates current session 13 J 2 EE training: http: //courses. coreservlets. com

A Servlet that Shows Per-Client Access Counts public class Show. Session extends Http. Servlet

A Servlet that Shows Per-Client Access Counts public class Show. Session extends Http. Servlet { public void do. Get(Http. Servlet. Request request, Http. Servlet. Response response) throws Servlet. Exception, IOException { response. set. Content. Type("text/html"); Http. Session session = request. get. Session(); String heading; Integer access. Count = (Integer)session. get. Attribute("access. Count"); if (access. Count == null) { access. Count = new Integer(0); heading = "Welcome, Newcomer"; } else { heading = "Welcome Back"; access. Count = new Integer(access. Count. int. Value() + 1); } session. set. Attribute("access. Count", access. Count); 14 J 2 EE training: http: //courses. coreservlets. com

A Servlet that Shows Per-Client Access Counts (Continued) Print. Writer out = response. get.

A Servlet that Shows Per-Client Access Counts (Continued) Print. Writer out = response. get. Writer(); … out. println (doc. Type + "<HTML>n" + "<HEAD><TITLE>" + title + "</TITLE></HEAD>n" + "<BODY BGCOLOR="#FDF 5 E 6">n" + "<CENTER>n" + "<H 1>" + heading + "</H 1>n" + "<H 2>Information on Your Session: </H 2>n" + "<TABLE BORDER=1>n" + "<TR BGCOLOR="#FFAD 00">n" + " <TH>Info Type<TH>Valuen" + … " <TD>Number of Previous Accessesn" + " <TD>" + access. Count + "n" + "</TABLE>n" + "</CENTER></BODY></HTML>"); 15 J 2 EE training: http: //courses. coreservlets. com

A Servlet that Shows Per-Client Access Counts: Result 1 16 J 2 EE training:

A Servlet that Shows Per-Client Access Counts: Result 1 16 J 2 EE training: http: //courses. coreservlets. com

A Servlet that Shows Per-Client Access Counts: Result 2 17 J 2 EE training:

A Servlet that Shows Per-Client Access Counts: Result 2 17 J 2 EE training: http: //courses. coreservlets. com

Accumulating a List of User Data public class Show. Items extends Http. Servlet {

Accumulating a List of User Data public class Show. Items extends Http. Servlet { public void do. Get(Http. Servlet. Request request, Http. Servlet. Response response) throws Servlet. Exception, IOException { Http. Session session = request. get. Session(); Array. List previous. Items = (Array. List)session. get. Attribute("previous. Items"); if (previous. Items == null) { previous. Items = new Array. List(); session. set. Attribute("previous. Items", previous. Items); } 18 J 2 EE training: http: //courses. coreservlets. com

Accumulating a List of User Data (Continued) String new. Item = request. get. Parameter("new.

Accumulating a List of User Data (Continued) String new. Item = request. get. Parameter("new. Item"); Print. Writer out = response. get. Writer(); … synchronized(previous. Items) { if ((new. Item != null) && (!new. Item. trim(). equals(""))) { previous. Items. add(new. Item); } if (previous. Items. size() == 0) { out. println("<I>No items</I>"); } else { out. println("<UL>"); for(int i=0; i<previous. Items. size(); i++) { out. println("<LI>" + (String)previous. Items. get(i)); } out. println("</UL>"); } } out. println("</BODY></HTML>"); 19 J 2 EE training: http: //courses. coreservlets. com

Accumulating a List of User Data: Front End 20 J 2 EE training: http:

Accumulating a List of User Data: Front End 20 J 2 EE training: http: //courses. coreservlets. com

Accumulating a List of User Data: Result 21 J 2 EE training: http: //courses.

Accumulating a List of User Data: Result 21 J 2 EE training: http: //courses. coreservlets. com

An On-Line Bookstore • Session tracking code stays the same as in simple examples

An On-Line Bookstore • Session tracking code stays the same as in simple examples • Shopping cart class is relatively complex – Identifies items by a unique catalog ID – Does not repeat items in the cart • Instead, each entry has a count associated with it • If count reaches zero, item is deleted from cart • Pages built automatically from objects that have descriptions of books 22 J 2 EE training: http: //courses. coreservlets. com

An On-Line Bookstore 23 J 2 EE training: http: //courses. coreservlets. com

An On-Line Bookstore 23 J 2 EE training: http: //courses. coreservlets. com

An On-Line Bookstore 24 J 2 EE training: http: //courses. coreservlets. com

An On-Line Bookstore 24 J 2 EE training: http: //courses. coreservlets. com

Distributed and Persistent Sessions • Some servers support distributed Web applications – Load balancing

Distributed and Persistent Sessions • Some servers support distributed Web applications – Load balancing used to send different requests to different machines – Session tracking still guaranteed to work • Some servers suport persistent sessions – Session data written to disk and reloaded when server is restarted • To support both, session data should implement the java. io. Serializable interface – There are no methods in this interface; it is just a flag. 25 J 2 EE training: http: //courses. coreservlets. com

Summary • Sessions do not travel across network – Only unique identifier does •

Summary • Sessions do not travel across network – Only unique identifier does • Get the session – request. get. Session • Extract data from session – session. get. Attribute • Do typecast and check for null • Put data in session – session. set. Attribute 26 J 2 EE training: http: //courses. coreservlets. com

© 2005 Marty Hall Questions? 27 JSP, Servlet, Struts, JSF & Java Training: http:

© 2005 Marty Hall Questions? 27 JSP, Servlet, Struts, JSF & Java Training: http: //courses. coreservlets. com J 2 EE Books from Sun Press: http: //www. coreservlets. com

2005 Marty Hall Servlet Basics 2 JSP Servlet2005 Marty Hall Servlet Basics 2 JSP Servlet
Servlet JSP JSP JSP request javax servlet httpServlet JSP JSP JSP request javax servlet http
4 Servlet l Servlet l Servlet l Servlet4 Servlet l Servlet l Servlet l Servlet
6 Servlet II Servlet Servlet Servlet Lecturer Kim6 Servlet II Servlet Servlet Servlet Lecturer Kim
8 Servlet IV Servlet Config Servlet Context Servlet8 Servlet IV Servlet Config Servlet Context Servlet
Servlet JSPSEVLET Servlet 2 q Servlet q ServletServlet JSPSEVLET Servlet 2 q Servlet q Servlet
2005 Marty Hall An Overview of Servlet JSP2005 Marty Hall An Overview of Servlet JSP
2005 Marty Hall Handling Cookies 2 JSP Servlet2005 Marty Hall Handling Cookies 2 JSP Servlet
9 JSP I JSP JSP JSP Lecturer Kim9 JSP I JSP JSP JSP Lecturer Kim
07 Chapter JSP JSP JSP 07 Chapter JSP07 Chapter JSP JSP JSP 07 Chapter JSP
Servlet APIs Every servlet must implement javax servletServlet APIs Every servlet must implement javax servlet
javax servlet http Http Servlet Request javax servletjavax servlet http Http Servlet Request javax servlet
Generic Servlet Generic Servlet 1 3 Generic ServletGeneric Servlet Generic Servlet 1 3 Generic Servlet
2 6 webapp servlet Servlet Name servletname Servlet2 6 webapp servlet Servlet Name servletname Servlet
Servlets JSP SACHIN KHARADE Servlet Servlet is usedServlets JSP SACHIN KHARADE Servlet Servlet is used
Web Java Servlet JSP 2007 2009 Http ServletWeb Java Servlet JSP 2007 2009 Http Servlet
Java Servlet JSP AJAX 2007 2009 Java ServletJava Servlet JSP AJAX 2007 2009 Java Servlet
2005 Marty Hall JSP Intro and Overview 22005 Marty Hall JSP Intro and Overview 2
2005 Marty Hall Invoking Java Code with JSP2005 Marty Hall Invoking Java Code with JSP
2 JSP v JSP public class Hundred Servlet2 JSP v JSP public class Hundred Servlet
WEB PROGRAMMING WITH JSP SERVLET JSP IMPLICIT OBJECTSWEB PROGRAMMING WITH JSP SERVLET JSP IMPLICIT OBJECTS
Outline n JSP n JSP n JSP nOutline n JSP n JSP n JSP n
JSP Pages What and Why of JSP JSPJSP Pages What and Why of JSP JSP
JSP 2 include JSP HTML JSP include includeJSP 2 include JSP HTML JSP include include