Session Tracking 2 Lec 32 Last Lecture Review

  • Slides: 23
Download presentation
Session Tracking - 2 Lec 32

Session Tracking - 2 Lec 32

Last Lecture Review p Session Tracking – why? p Need to store state –

Last Lecture Review p Session Tracking – why? p Need to store state – typical solutions n n n Cookies – already learned URL Rewriting Hidden Form Fields

Session Tracking Request Session ID = 123 XYZ Amazon Shopping Cart sc [item 1=324]

Session Tracking Request Session ID = 123 XYZ Amazon Shopping Cart sc [item 1=324] Servlet Container Credit: cs 193 i at Standford

Session Tracking Session ID = 123 XYZ Amazon Shopping Cart sc [item 1=324] Response:

Session Tracking Session ID = 123 XYZ Amazon Shopping Cart sc [item 1=324] Response: Set-Cookie: sid=123 XYZ Servlet Container Credit: cs 193 i at Standford

Session Tracking Request: Set-Cookie: sid=123 XYZ Session ID = 123 XYZ Amazon Shopping Cart

Session Tracking Request: Set-Cookie: sid=123 XYZ Session ID = 123 XYZ Amazon Shopping Cart sc [item 1=324] Servlet Container Credit: cs 193 i at Standford

Session Tracking Request: Set-Cookie: sid=123 XYZ Session ID = 123 XYZ Amazon Shopping Cart

Session Tracking Request: Set-Cookie: sid=123 XYZ Session ID = 123 XYZ Amazon Shopping Cart sc [item 1=324 item 2=115] Servlet Container Credit: cs 193 i at Standford

URL Rewriting

URL Rewriting

URL Rewriting p We can pass extra information to client by rewriting URLs. (appending

URL Rewriting p We can pass extra information to client by rewriting URLs. (appending info with URL) p The extra information can be in the form of p n Extra path information, n Added parameters, or n Some custom, server-specific URL change Due to limited space available in rewriting a URL, the extra information is usually limited to a unique session ID

URL Rewriting: Examples p For example, the following URLs have been rewritten to pass

URL Rewriting: Examples p For example, the following URLs have been rewritten to pass the session id 123 n Original http: //server: port/servlet/rewrite n Extra path information http: //server: port/servlet/rewrite/123 n Added parameter http: //server: port/servlet/rewrite? id=123 n Custom change http: //server: port/servlet/rewrite; $id$123

URL Rewriting: Disadvantages p What if the user bookmarks the page? p Every URL

URL Rewriting: Disadvantages p What if the user bookmarks the page? p Every URL on a page which needs the session information must be rewritten each time page is served n Computationally expensive n Can increase communication overhead p State stored in URLs is not persistent p Limits the client’s interaction with the server to HTTP GET request

Hidden Form Fields

Hidden Form Fields

Hidden Form Fields p <input type=“hidden” name=“sessionid” value=“ 123”>

Hidden Form Fields p <input type=“hidden” name=“sessionid” value=“ 123”>

Java’s Solution for Session Tracking Http. Session API

Java’s Solution for Session Tracking Http. Session API

Using Http. Session 1. To get the user’s session object n Call get. Session(

Using Http. Session 1. To get the user’s session object n Call get. Session( ) method of HTTPServlet. Request class n pass false to the get. Session() method Http. Session ses = request. get. Session(false); n If no current session exists: p You will get a null object

Using Http. Session cont. 1. To get the user’s session object (cont. ) n

Using Http. Session cont. 1. To get the user’s session object (cont. ) n n If true is passed to the get. Session() method then If user already has a session p the existing session is returned For example: Http. Session ses = request. get. Session(true); If no session exists p a new one is created and returned

Using Http. Session cont. 2. Storing information in a session n Session objects works

Using Http. Session cont. 2. Storing information in a session n Session objects works like a Hash. Map p Hash. Map is able to store any type of java object n You can therefore store any number of keys and their values n For example ses. set. Attribute(“id”, “ 123”); key Value

Using Http. Session cont. 3. Looking up information associated with a session String s.

Using Http. Session cont. 3. Looking up information associated with a session String s. ID = (String)ses. get. Attribute(“id”); returns an Object type, so you will need to perform a type cast

Using Http. Session cont. Terminating session 4. n Automatic p n After the amount

Using Http. Session cont. Terminating session 4. n Automatic p n After the amount of time session gets terminated automatically( get. Max. Inactive. Interval( ) ) Manual ses. invalidate();

Example Code Showing Session Information

Example Code Showing Session Information

Encoding URLs Sent to Client Http. Servlet. Response provides two methods to perform encoding

Encoding URLs Sent to Client Http. Servlet. Response provides two methods to perform encoding p 1. String encode. URL(String URL) 2. String encode. Redirect. URL(String URL) If Cookies disabled p n Both methods encodes (rewrites) the specified URL to include the session ID and returns the new URL If Cookies enabled p n Returns the URL unchanged

Encoding URLs Sent to Client cont. 1. String encode. URL(String URL) n For example

Encoding URLs Sent to Client cont. 1. String encode. URL(String URL) n For example String URL = “/servlet/sessiontracker”; String e. URL = response. encode. URL(URL); out. println("<A HREF="" + e. URL + "">. . . </A>");

Encoding URLs Sent to Client cont. 2. String encode. Redirect. URL(String URL) n For

Encoding URLs Sent to Client cont. 2. String encode. Redirect. URL(String URL) n For example String URL = “/servlet/sessiontracker”; String e. URL = response. encode. Redirect. URL(URL); response. send. Redirect(e. URL);

Example Code Online Book Store

Example Code Online Book Store

Session Tracking Lec 31 Revisiting Session Tracking nSession Tracking Lec 31 Revisiting Session Tracking n
last adj ex last year last summer lastlast adj ex last year last summer last
last adj ex last year last summer lastlast adj ex last year last summer last
Chapter 9 Session Tracking Session Tracking Basics nChapter 9 Session Tracking Session Tracking Basics n
Tracking Physical Inventory Concept Tracking Physical Inventory TrackingTracking Physical Inventory Concept Tracking Physical Inventory Tracking
Lec 2 Aug 31 review of lec 1Lec 2 Aug 31 review of lec 1
NSAIDs Lec no 12 lec no 3 ByNSAIDs Lec no 12 lec no 3 By
Principles of pharmacy practice Lec 1 Lec DrPrinciples of pharmacy practice Lec 1 Lec Dr
Principles of pharmacy practice Lec 1 Lec DrPrinciples of pharmacy practice Lec 1 Lec Dr
Computer Architecture Lec 2 Introduction Review from lastComputer Architecture Lec 2 Introduction Review from last
Meningitis Lec 2 SUMMARY of Last lecture HeadacheMeningitis Lec 2 SUMMARY of Last lecture Headache
JSP Tag Libraries Lec 38 Last Lecture ExampleJSP Tag Libraries Lec 38 Last Lecture Example
sea otter review of last lecture The lastsea otter review of last lecture The last
Specialised Cells Last Lesson Last Week Last TermSpecialised Cells Last Lesson Last Week Last Term
Yesterday Last week ago Last year Last monthYesterday Last week ago Last year Last month
Cookie Session Cookie Cookie Cookie Session Session sessionCookie Session Cookie Cookie Cookie Session Session session
Cookie Session Cookie Cookie Cookie Session Session sessionCookie Session Cookie Cookie Cookie Session Session session
Cookie Session Cookie Cookie Session Session session IECookie Session Cookie Cookie Session Session session IE
Session Management in ASP NET Session Tracking PersonalizationSession Management in ASP NET Session Tracking Personalization
Session 30 NSLDS ENROLLMENT TRACKING Session 30 2Session 30 NSLDS ENROLLMENT TRACKING Session 30 2
Last updated 92211 12 44 PM Lec 6Last updated 92211 12 44 PM Lec 6
Complexity revisited learning from failures Lec 26 LastComplexity revisited learning from failures Lec 26 Last