when we say request.getSession() it will create the session add the session Id in to cookie and stuff it in the resonpse header and give it back to client on the other hand when client says request.getSession() it will give back the created session but. My question is when the server sent back the response the info is in the response not in the request so the client should say response.getSession() instead of request.getSession() is it not why they made it request.getSession()
and once again when the cokkies are created and response.addKookie() is called the server will add the cookie in to response header and send the response back to client. but when client wants to get the cookies it will say request.getKookies() why is it so before sending didnt the server add the cookie in to response header then once the Jsp code recieves it should say response.getKookies() instead of request.getKookies() why they have made it request.getKookies()
The cookies are sent by the browser/client to the server as part of the HTTP request. So it makes sense that that's where there the server would get them. When a request arrives, the response is at that moment empty (it contains nothing); the previous response (where the cookies where created) is no longer accessible at that time.
As for sessions, those are too are associated with requests, because that's where the session cookie comes from.
hey raja, think from the developers(or servers) point of view. I mean the servlet response and request are quite logically modelled. you GET information from the request and PUT some information in the response. You GET cookies, parameters,headers from request.You PUT (or add)cookies, headers, content to the response.
The client is never given access to response and request object.all the client sees is HTML, pdf, xml, etc(that is the processed information). Imagine if the client is given access to request and response.all hell will break loose. A complete security disaster!!
Joined: Mar 02, 2008
Thanks for the replys,
The Java API and classes always exceute on the servers and clinet never gets acccess it only gets HTML and so
That means say i have servlet do display few records in that case servlet is exceuted by the serverand will send only the HTML to the client/browser which will display it to the user.
CLIENT MEANS BROWSER FROM WHICH USER MADE REQUEST CLIENT=BROWSER is that correct.Please correct me if i am wrong
Joined: Mar 22, 2005
Correct, a browser is a client. There are other possible clients (e.g., it's possible for a Java desktop application to access web apps), but browsers are by far the most common ones.
Joined: Mar 02, 2008
Thanks for spending time and replying, I understood the concept of request and response headers now.