This week's book giveaway is in the Mac OS forum.
We're giving away four copies of a choice of "Take Control of Upgrading to Yosemite" or "Take Control of Automating Your Mac" and have Joe Kissell on-line!
See this thread for details.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Doubt  in request Vs response Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Doubt  in request Vs response" Watch "Doubt  in request Vs response" New topic
Author

Doubt in request Vs response

raja ram
Ranch Hand

Joined: Mar 02, 2008
Posts: 169
Hi,

when we say request.getSession() it will create the session add the session Id in to cookie and stuff it in the resonpse header and give it back to client on the other hand when client says request.getSession() it will give back the created session but. My question is when the server sent back the response the info is in the response not in the request so the client should say response.getSession() instead of request.getSession() is it not why they made it request.getSession()

and once again when the cokkies are created and response.addKookie() is called the server will add the cookie in to response header and send the response back to client. but when client wants to get the cookies it will say request.getKookies() why is it so before sending didnt the server add the cookie in to response header then once the Jsp code recieves it should say response.getKookies() instead of request.getKookies()
why they have made it request.getKookies()

Thanks
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42039
    
  64
The cookies are sent by the browser/client to the server as part of the HTTP request. So it makes sense that that's where there the server would get them. When a request arrives, the response is at that moment empty (it contains nothing); the previous response (where the cookies where created) is no longer accessible at that time.

As for sessions, those are too are associated with requests, because that's where the session cookie comes from.


Ping & DNS - my free Android networking tools app
raja ram
Ranch Hand

Joined: Mar 02, 2008
Posts: 169
Hi,

Thanks for the reply
The cookies are sent by the browser/client to the server as part of the HTTP request.


But the cookies as well as the sessions are created by the server and not by the client in that case first server will be the one to insert the cookies in to response. is that correct.

Thanks
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42039
    
  64
Yes, the cookies are inserted into the response. But when the next request is made, the previous response is no longer accessible, or even valid.

Plus, the cookies of the next request do not necessarily have to be the same as the ones set in the previous response (although they usually are).
Marc Peabody
pie sneak
Sheriff

Joined: Feb 05, 2003
Posts: 4727

Originally posted by raja ram:
... so the client should say response.getSession() instead of request.getSession() is it not why they made it request.getSession()...

The client can't call getSession() on anything because it doesn't have access to the Java API classes. Java classes are always processed on the server, never on the client.


A good workman is known by his tools.
Ash More'
Ranch Hand

Joined: Apr 20, 2008
Posts: 47
hey raja,
think from the developers(or servers) point of view. I mean the servlet response and request are quite logically modelled. you GET information from the request and PUT some information in the response. You GET cookies, parameters,headers from request.You PUT (or add)cookies, headers, content to the response.

The client is never given access to response and request object.all the client sees is HTML, pdf, xml, etc(that is the processed information). Imagine if the client is given access to request and response.all hell will break loose. A complete security disaster!!
raja ram
Ranch Hand

Joined: Mar 02, 2008
Posts: 169
Hi,

Thanks for the replys,
The Java API and classes always exceute on the
servers and clinet never gets acccess it only gets HTML and so


That means say i have servlet do display few records in that case servlet is exceuted by the serverand will send only the HTML to the client/browser which will display it to the user.

CLIENT MEANS BROWSER FROM WHICH USER MADE REQUEST CLIENT=BROWSER is that correct.Please correct me if i am wrong

Thanks
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42039
    
  64
Correct, a browser is a client. There are other possible clients (e.g., it's possible for a Java desktop application to access web apps), but browsers are by far the most common ones.
raja ram
Ranch Hand

Joined: Mar 02, 2008
Posts: 169
Hi All,

Thanks for spending time and replying, I understood the concept of request and response headers now.

Thanks
 
GeeCON Prague 2014
 
subject: Doubt in request Vs response