session tracking - 2 lec 32. last lecture review session tracking – why? need to store state –...
TRANSCRIPT
![Page 1: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/1.jpg)
Session Tracking - 2
Lec 32
![Page 2: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/2.jpg)
Last Lecture Review Session Tracking – why?
Need to store state – typical solutions
Cookies – already learned URL Rewriting Hidden Form Fields
![Page 3: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/3.jpg)
Session Tracking
Amazon
Servlet Container
Session ID = 123XYZ
Shopping Cart sc[item 1=324]
Request
Credit: cs193i at Standford
![Page 4: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/4.jpg)
Session Tracking
Amazon
Servlet Container
Session ID = 123XYZ
Shopping Cart sc[item 1=324]
Response:Set-Cookie: sid=123XYZ
Credit: cs193i at Standford
![Page 5: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/5.jpg)
Session Tracking
Amazon
Servlet Container
Session ID = 123XYZ
Shopping Cart sc[item 1=324]
Request:Set-Cookie: sid=123XYZ
Credit: cs193i at Standford
![Page 6: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/6.jpg)
Session Tracking
Amazon
Servlet Container
Session ID = 123XYZ
Shopping Cart sc[item 1=324 item 2=115]
Request:Set-Cookie: sid=123XYZ
Credit: cs193i at Standford
![Page 7: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/7.jpg)
URL Rewriting
![Page 8: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/8.jpg)
URL Rewriting We can pass extra information to client by rewriting URLs.
(appending info with URL)
The extra information can be in the form of Extra path information,
Added parameters, or
Some custom, server-specific URL change
Due to limited space available in rewriting a URL, the extra information is usually limited to a unique session ID
![Page 9: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/9.jpg)
URL Rewriting: Examples For example, the following URLs have been rewritten
to pass the session id 123
Originalhttp://server:port/servlet/rewrite
Extra path informationhttp://server:port/servlet/rewrite/123
Added parameterhttp://server:port/servlet/rewrite?id=123
Custom changehttp://server:port/servlet/rewrite;$id$123
![Page 10: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/10.jpg)
URL Rewriting: Disadvantages What if the user bookmarks the page?
Every URL on a page which needs the session information must be rewritten each time page is served Computationally expensive Can increase communication overhead
State stored in URLs is not persistent
Limits the client’s interaction with the server to HTTP GET request
![Page 11: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/11.jpg)
Hidden Form Fields
![Page 12: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/12.jpg)
Hidden Form Fields <input type=“hidden” name=“sessionid” value=“123”>
![Page 13: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/13.jpg)
Java’s Solution forSession Tracking
HttpSession API
![Page 14: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/14.jpg)
Using HttpSession1. To get the user’s session object
Call getSession( ) method of HTTPServletRequest class
pass false to the getSession() method HttpSession ses = request.getSession(false);
If no current session exists: You will get a null object
![Page 15: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/15.jpg)
Using HttpSession cont.1. To get the user’s session object (cont.)
If true is passed to the getSession() method then
If user already has a session the existing session is returned
For example: HttpSession ses = request.getSession(true);
If no session exists a new one is created and returned
![Page 16: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/16.jpg)
Using HttpSession cont.2. Storing information in a session
Session objects works like a HashMap HashMap is able to store any type of java object
You can therefore store any number of keys and their values
For example
ses.setAttribute(“id”, “123”);
key Value
![Page 17: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/17.jpg)
Using HttpSession cont.3. Looking up information associated
with a session
String sID =
(String)ses.getAttribute(“id”);
returns an Object type, so you will need to perform a type cast
![Page 18: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/18.jpg)
Using HttpSession cont.4. Terminating session
Automatic After the amount of time session gets terminated
automatically( getMaxInactiveInterval( ) )
Manual
ses.invalidate();
![Page 19: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/19.jpg)
Example Code
Showing Session Information
![Page 20: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/20.jpg)
Encoding URLs Sent to Client HttpServletResponse provides two methods to
perform encoding
1. String encodeURL(String URL)
2. String encodeRedirectURL(String URL)
If Cookies disabled Both methods encodes (rewrites) the specified URL to
include the session ID and returns the new URL
If Cookies enabled Returns the URL unchanged
![Page 21: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/21.jpg)
Encoding URLs Sent to Client cont.1. String encodeURL(String URL)
For example
String URL = “/servlet/sessiontracker”; String eURL = response.encodeURL(URL);
out. println("<A HREF=\"" + eURL + "\">...</A>");
![Page 22: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/22.jpg)
Encoding URLs Sent to Clientcont.2. String encodeRedirectURL(String URL)
For exampleString URL = “/servlet/sessiontracker”;
String eURL = response.encodeRedirectURL(URL); response.sendRedirect(eURL);
![Page 23: Session Tracking - 2 Lec 32. Last Lecture Review Session Tracking – why? Need to store state – typical solutions Cookies – already learned URL Rewriting](https://reader036.vdocuments.us/reader036/viewer/2022062517/56649ec85503460f94bd5767/html5/thumbnails/23.jpg)
Example Code
Online Book Store