SlideShare a Scribd company logo

Session And Cookies In Servlets - Java

Download as PPTX, PDF
J
JainamParikh3

Session tracking maintains the state of users between HTTP requests in servlets. Common techniques include cookies, hidden form fields, URL rewriting, and HTTP sessions. Cookies store data on the client side in the browser cache while HTTP sessions store data on the server side. Cookies have limitations on size and security while sessions can store unlimited data securely on the server but end when the browser closes. Both techniques allow servlets to identify returning users and maintain state across requests.

Software
1 of 30
Download to read offline
1
2
3
4
Most read
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Most read
26
27
28
29
Most read
30
Session And Cookies In Servlets
Table of Contents 1. Servlets 2. The Problem with HTTP 3. Session Tracking in Servlet 4. Cookies 5. Hidden Form Field 6. URL Rewriting 7. HttpSession 8. Session v/s Cookies
What are Servlets anyway? ïżœ Java program that runs on servers. ïżœ Capable of Handling Requests and generating Dynamic Response.
The PROBLEM with HTTP ïżœ HTTP is used as Protocol to transfer data and information between Client and Server. ïżœ HTTP (Hypertext Transfer Protocol) is STATELESS. ïżœ Client - Server Architecture : A Client requests a Server and the Server responses a dynamic page (HTML) when a Servlet processes the requests. ïżœ Server treats every request as a new request as the state (data) of the user is not saved / maintained. ïżœ Server won’t remember anything from the first request and does the same task for the new request even if the user is same as the previous one.
Analogy : The University Admission (Stateless)
Without Session - Stateless Management
Live Demonstration
Session Tracking in Servlet ● Session Tracking is a way to maintain state (data) of an user. ● It is also known as State Management. Techniques : 1. Cookies 2. Hidden Form Field 3. URL Rewriting 4. HttpSession
Cookies
What are Cookies anyway? ïżœ Small piece of textual information stored in Key-Value pair in Client’s Browser. ïżœ Cookie is stored in browser’s cache.
How Does Cookie Work?
1. User Signs Up. Client posts a HTTP request to the server containing username and password. 2. Server receives this request and hashes the password before storing into database.
3. Client logs in. Provides username and password and again a HTTP request is posted to server. 4. Server looks up the username in the database, hashes the supplied login password, and compares it to the previously hashed password in the database.
5. If the credentials are correct, server creates an Access Token, which uniquely identifies the user’s session. 6. We then store the access token in the database associated with that user.
7. Attach the access token with a Cookie returned to client. Now the Cookie has been returned to client and client stores the cookie in browser.
8. On client side now, we are logged in. Every time now a client makes a request for a page that requires authorization (i.e. they need to be logged in), the server obtains the access token from the cookie and checks it against the one in the database associated with that user. If it checks out, access is granted.
Live Demonstration
Hidden Form Field
How does Hidden Form Field Works? ïżœ A hidden text field is used for maintaining state of an user. ïżœ We have form in all pages that can be submitted and we can pass user’s data in an hidden field. ïżœ Does not have to be dependent on browser. ïżœ Works, even if the cookies are disabled. ïżœ Extra Form Submission is required to maintain state. ïżœ Not Ideal.
Live Demonstration
URL Rewriting
How does URL Rewriting Works? ïżœ We append a query string or token to the URL of the next servlet or the next page. ïżœ It will be a name - value pair. ïżœ If multiple data has to be sent then it will be separated by ampersand(&). ïżœ Works even if the cookies are disabled. ïżœ No extra form submission. ïżœ Works with links or hyperlinks.
Live Demonstration
HttpSession
How does HttpSession Works? ïżœ Session simply means small interval of time. ïżœ Used for state management. ïżœ When a client requests a server for the first time, the server creates a Session ID, and stores it with some key value pair like client’s name, email, photo, etc. ïżœ When the client again requests to the server, the server checks the session, if not expired or destroyed, and allows the client to do tasks, without getting to logged in again. ïżœ Session expires in three cases: 1. Closing the Browser 2. Time expired 3. Invalidate
Session And Cookies In Servlets - Java
Live Demonstration
between Cookies and Session
Session ïżœ Stores variables in temporary directory in server. ïżœ Ends when user logout’s or browser closes. ïżœ Stores unlimited amount of data. ïżœ A script can use maximum 128 MB. ïżœ “req.getSession(true)” to create a new session. “req.getSession(false)” to get the already set session. ïżœ “session.setAttribute(key, value)” to set session values. ïżœ “session.invalidate()” or “session.setMaxInactiveInterval(seconds) ” to destroy session. ïżœ Sessions are more secured as they are stored in server and encrypted form. Cookies ïżœ Stores in Client’s (browser). ïżœ Ends on the lifetime set by user. ïżœ Stores limited data. ïżœ Maximum size of Browser’s cookies is 4 KB. ïżœ “new Cookie(key, value)” to create a new cookie. ïżœ “resp.addCookie(c)” to add the cookie in the response. ïżœ “c.setMaxAge(seconds)” to set the expiry time of cookie. ïżœ Cookies are not secured as data is in textual format and it gets stored in client machine.
Session And Cookies In Servlets - Java

More Related Content

PDF
Servlet Filter
AshishSingh Bhatia
 
PPTX
Session tracking in servlets
vishal choudhary
 
PPT
Java Servlets
Nitin Pai
 
PPT
Jsp ppt
Vikas Jagtap
 
PPTX
Java RMI
Prajakta Nimje
 
PPT
Servlets
Sasidhar Kothuru
 
PPTX
Chapter 3 servlet & jsp
Jafar Nesargi
 
PPT
Cookies in servlet
chauhankapil
 
Servlet Filter
AshishSingh Bhatia
 
Session tracking in servlets
vishal choudhary
 
Java Servlets
Nitin Pai
 
Jsp ppt
Vikas Jagtap
 
Java RMI
Prajakta Nimje
 
Servlets
Sasidhar Kothuru
 
Chapter 3 servlet & jsp
Jafar Nesargi
 
Cookies in servlet
chauhankapil
 

What's hot (20)

PPT
Jsp/Servlet
Sunil OS
 
PPTX
Java script
Abhishek Kesharwani
 
PPTX
Php sessions & cookies
baabtra.com - No. 1 supplier of quality freshers
 
PDF
Spring Web Services: SOAP vs. REST
Sam Brannen
 
PPTX
Jdbc Ppt
Centre for Budget and Governance Accountability (CBGA)
 
PPTX
Servlets
Geethu Mohan
 
PPT
JDBC – Java Database Connectivity
Information Technology
 
PPTX
php
ajeetjhajharia
 
PPTX
Java beans
Rajkiran Mummadi
 
PPT
Java Persistence API (JPA) Step By Step
Guo Albert
 
PPTX
Java Server Pages(jsp)
Manisha Keim
 
PPTX
PHP FUNCTIONS
Zeeshan Ahmed
 
PPT
Hibernate architecture
Anurag
 
PDF
Introduction to Bootstrap
Ron Reiter
 
PPTX
Node.js File system & Streams
Eyal Vardi
 
PPTX
java Servlet technology
Tanmoy Barman
 
PPTX
Document Object Model
baabtra.com - No. 1 supplier of quality freshers
 
PPTX
Java Server Pages
Kasun Madusanke
 
PPS
Java Hibernate Programming with Architecture Diagram and Example
kamal kotecha
 
PPTX
Node.js Express
Eyal Vardi
 
Jsp/Servlet
Sunil OS
 
Java script
Abhishek Kesharwani
 
Php sessions & cookies
baabtra.com - No. 1 supplier of quality freshers
 
Spring Web Services: SOAP vs. REST
Sam Brannen
 
Jdbc Ppt
Centre for Budget and Governance Accountability (CBGA)
 
Servlets
Geethu Mohan
 
JDBC – Java Database Connectivity
Information Technology
 
php
ajeetjhajharia
 
Java beans
Rajkiran Mummadi
 
Java Persistence API (JPA) Step By Step
Guo Albert
 
Java Server Pages(jsp)
Manisha Keim
 
PHP FUNCTIONS
Zeeshan Ahmed
 
Hibernate architecture
Anurag
 
Introduction to Bootstrap
Ron Reiter
 
Node.js File system & Streams
Eyal Vardi
 
java Servlet technology
Tanmoy Barman
 
Document Object Model
baabtra.com - No. 1 supplier of quality freshers
 
Java Server Pages
Kasun Madusanke
 
Java Hibernate Programming with Architecture Diagram and Example
kamal kotecha
 
Node.js Express
Eyal Vardi
 
Ad

Similar to Session And Cookies In Servlets - Java (20)

PPTX
IMPORTANT SESSION TRACKING TECHNIQUES.pptx
yvtinsane
 
PPTX
Enterprise java unit-2_chapter-3
sandeep54552
 
PPTX
Session 33 - Session Management using other Techniques
PawanMM
 
PPTX
SessionTrackServlets.pptx
Ranjeet Reddy
 
PPTX
Session 32 - Session Management using Cookies
PawanMM
 
PPTX
Enterprise java unit-2_chapter-2
sandeep54552
 
PPTX
Session tracking In Java
honeyvachharajani
 
PPT
session and cookies.ppt
Jayaprasanna4
 
PDF
Servlet sessions
vantinhkhuc
 
PPT
State management
Lalit Kale
 
PDF
4.4 PHP Session
Jalpesh Vasa
 
PPTX
SCWCD : Session management : CHAP : 6
Ben Abdallah Helmi
 
PPTX
Advance java session 7
Smita B Kumar
 
PPT
Ecom2
Santosh Pandey
 
PPTX
Advance java session 8
Smita B Kumar
 
PPTX
Class 38
srasat73
 
PPTX
Using cookies and sessions
Nuha Noor
 
PPTX
19_JavaScript - Storage_Cookies-tutorial .pptx
ssuser4a97d3
 
DOCX
State management servlet
Thakur Amit Tomer
 
PPTX
Session & Cookies
university of education,Lahore
 
IMPORTANT SESSION TRACKING TECHNIQUES.pptx
yvtinsane
 
Enterprise java unit-2_chapter-3
sandeep54552
 
Session 33 - Session Management using other Techniques
PawanMM
 
SessionTrackServlets.pptx
Ranjeet Reddy
 
Session 32 - Session Management using Cookies
PawanMM
 
Enterprise java unit-2_chapter-2
sandeep54552
 
Session tracking In Java
honeyvachharajani
 
session and cookies.ppt
Jayaprasanna4
 
Servlet sessions
vantinhkhuc
 
State management
Lalit Kale
 
4.4 PHP Session
Jalpesh Vasa
 
SCWCD : Session management : CHAP : 6
Ben Abdallah Helmi
 
Advance java session 7
Smita B Kumar
 
Ecom2
Santosh Pandey
 
Advance java session 8
Smita B Kumar
 
Class 38
srasat73
 
Using cookies and sessions
Nuha Noor
 
19_JavaScript - Storage_Cookies-tutorial .pptx
ssuser4a97d3
 
State management servlet
Thakur Amit Tomer
 
Session & Cookies
university of education,Lahore
 
Ad

Recently uploaded (20)

PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PDF
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
PDF
top salesforce developer skills in 2025.pdf
CloudMetic
 
PPTX
assetexplorer- product-overview - presentation
nonameist3434
 
PDF
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 
PDF
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
PDF
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PDF
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PPTX
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PDF
System and Network Administration Chapter 2
jaramharo
 
PPTX
Transform Your Business with a Software ERP System
Canada Software Company
 
PDF
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
PDF
Product Update: Alluxio AI 3.7 Now with Sub-Millisecond Latency
Alluxio, Inc.
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
top salesforce developer skills in 2025.pdf
CloudMetic
 
assetexplorer- product-overview - presentation
nonameist3434
 
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
System and Network Administration Chapter 2
jaramharo
 
Transform Your Business with a Software ERP System
Canada Software Company
 
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
Product Update: Alluxio AI 3.7 Now with Sub-Millisecond Latency
Alluxio, Inc.
 

Session And Cookies In Servlets - Java

  • 2. Table of Contents 1. Servlets 2. The Problem with HTTP 3. Session Tracking in Servlet 4. Cookies 5. Hidden Form Field 6. URL Rewriting 7. HttpSession 8. Session v/s Cookies
  • 3. What are Servlets anyway? ïżœ Java program that runs on servers. ïżœ Capable of Handling Requests and generating Dynamic Response.
  • 4. The PROBLEM with HTTP ïżœ HTTP is used as Protocol to transfer data and information between Client and Server. ïżœ HTTP (Hypertext Transfer Protocol) is STATELESS. ïżœ Client - Server Architecture : A Client requests a Server and the Server responses a dynamic page (HTML) when a Servlet processes the requests. ïżœ Server treats every request as a new request as the state (data) of the user is not saved / maintained. ïżœ Server won’t remember anything from the first request and does the same task for the new request even if the user is same as the previous one.
  • 5. Analogy : The University Admission (Stateless)
  • 6. Without Session - Stateless Management
  • 8. Session Tracking in Servlet ● Session Tracking is a way to maintain state (data) of an user. ● It is also known as State Management. Techniques : 1. Cookies 2. Hidden Form Field 3. URL Rewriting 4. HttpSession
  • 10. What are Cookies anyway? ïżœ Small piece of textual information stored in Key-Value pair in Client’s Browser. ïżœ Cookie is stored in browser’s cache.
  • 12. 1. User Signs Up. Client posts a HTTP request to the server containing username and password. 2. Server receives this request and hashes the password before storing into database.
  • 13. 3. Client logs in. Provides username and password and again a HTTP request is posted to server. 4. Server looks up the username in the database, hashes the supplied login password, and compares it to the previously hashed password in the database.
  • 14. 5. If the credentials are correct, server creates an Access Token, which uniquely identifies the user’s session. 6. We then store the access token in the database associated with that user.
  • 15. 7. Attach the access token with a Cookie returned to client. Now the Cookie has been returned to client and client stores the cookie in browser.
  • 16. 8. On client side now, we are logged in. Every time now a client makes a request for a page that requires authorization (i.e. they need to be logged in), the server obtains the access token from the cookie and checks it against the one in the database associated with that user. If it checks out, access is granted.
  • 19. How does Hidden Form Field Works? ïżœ A hidden text field is used for maintaining state of an user. ïżœ We have form in all pages that can be submitted and we can pass user’s data in an hidden field. ïżœ Does not have to be dependent on browser. ïżœ Works, even if the cookies are disabled. ïżœ Extra Form Submission is required to maintain state. ïżœ Not Ideal.
  • 22. How does URL Rewriting Works? ïżœ We append a query string or token to the URL of the next servlet or the next page. ïżœ It will be a name - value pair. ïżœ If multiple data has to be sent then it will be separated by ampersand(&). ïżœ Works even if the cookies are disabled. ïżœ No extra form submission. ïżœ Works with links or hyperlinks.
  • 25. How does HttpSession Works? ïżœ Session simply means small interval of time. ïżœ Used for state management. ïżœ When a client requests a server for the first time, the server creates a Session ID, and stores it with some key value pair like client’s name, email, photo, etc. ïżœ When the client again requests to the server, the server checks the session, if not expired or destroyed, and allows the client to do tasks, without getting to logged in again. ïżœ Session expires in three cases: 1. Closing the Browser 2. Time expired 3. Invalidate
  • 29. Session ïżœ Stores variables in temporary directory in server. ïżœ Ends when user logout’s or browser closes. ïżœ Stores unlimited amount of data. ïżœ A script can use maximum 128 MB. ïżœ “req.getSession(true)” to create a new session. “req.getSession(false)” to get the already set session. ïżœ “session.setAttribute(key, value)” to set session values. ïżœ “session.invalidate()” or “session.setMaxInactiveInterval(seconds) ” to destroy session. ïżœ Sessions are more secured as they are stored in server and encrypted form. Cookies ïżœ Stores in Client’s (browser). ïżœ Ends on the lifetime set by user. ïżœ Stores limited data. ïżœ Maximum size of Browser’s cookies is 4 KB. ïżœ “new Cookie(key, value)” to create a new cookie. ïżœ “resp.addCookie(c)” to add the cookie in the response. ïżœ “c.setMaxAge(seconds)” to set the expiry time of cookie. ïżœ Cookies are not secured as data is in textual format and it gets stored in client machine.