This week's book giveaway is in the Jobs Discussion forum.
We're giving away four copies of Java Interview Guide and have Anthony DePalma on-line!
See this thread for details.
The moose likes Servlets and the fly likes Session Tracking Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Session Tracking" Watch "Session Tracking" New topic

Session Tracking


Joined: Jun 23, 2000
Posts: 26
Can Someone elucidate what is Session Tracking ?

Thanks in advance
Tony Alicea

Joined: Jan 30, 2000
Posts: 3226
The HTTP protocol is by design, stateless. That means that if you call a web page on a site and then click on another, the server doesn't remember that you visited the previous page.
You can see how a shopping cart could not be maintained that way so there has to be some way of TRACKING what the user is doing. The HTTP protocol as I said is stateless so something had to be invented to track the "motion" of a user in a web site.
Cookies are one way of doing this. When you go to a site for the first time, a cookie is sent to your browser that says (for example) "this is session ID ANBVVSTTTTYYYYY121u867ttt". The server then starts a "file" on that session ID.
Every time you click on a link on the site, the cookie (i.e., the session ID) is sent back to the server without you having to do anything special; this is the way browsers are designed. The server then "knows" What You Did Last Summer; I mean what you have seen so far on the site
If it wasn't for Session Tracking, every click by the same user on a page would be unrelated to every other click: That's what "stateless" means.
Cookies are not, repeat, NOT the only way to implement session tracking!
In fact it would be stupid for an e-commerce site to depend exclusively on Cookies for session tracking. That's because a lot of people are paranoid and disable cookies in their browsers.
The fear is overblown, IMHO.
Another simple but very effective way to do session tracking is what is called "URL re-writing".
This consists of appending the session ID to EVERY (and it has to be every!) URL sent to the client in the site pages. That way when you click, the session ID is sent to the server as part of the URL that you clicked as in, e.g.

Tony Alicea
Senior Java Web Application Developer, SCPJ2, SCWCD
I agree. Here's the link:
subject: Session Tracking
It's not a secret anymore!