Session

Hi,

Please clarrify my doubts..

1. when can we use URL writting, hidden fields, cookies and HttpSession to handle session?

2. if the client disabled the cookies, what will happen to the session? how can we handle the session if the client disabled the cookies?

3. is HttpSession uses Cookies ?

thanks ,
Thennam Pandian.

1) By default only cookies will be used. Some servers need to to be configured to allow URL rewriting. Hidden fields are not supported by default, and I have never seen them used in Java.

2) If the client 'disables cookies', cookie based sessions may or may not work depending on what they allow. By default session cookies are stored in-memory and not written to the hard drive. In some cases these in-memory cookies will still be allowed but persistent cookies will not.

3) by default sessions use cookies.

Hi,

Thank you for your reply.

if the cookies are stored in server side memory, how the server will recognize the request( whether is it a new request or a old request?)

Cookies are never stored on the server.
They are always stored on the client.

Session data is stored on the server.
The only thing stored in the cookie is the sessionID.
This, to answer your question, is how the server knows which client initiated each request and is used to match up the client with their session.
[ May 02, 2008: Message edited by: Ben Souther ]

Thanks now i understood Cookies and session ....

use session..very easy..to use....nice & smooth..

// Create Session...

session.setAttribute("session_name",variable_name);

// Retrive Back ..

variable_name = session.getAttribute("session_name").toString();

Also, the original poster wasn't asking how to use sessions.
He was asking how they work.

From the looks of his last post, it appears that his question was answered.

-Ben

I wrote a small servlet to validate my understanding in reference to your question. Posting its code, maybe it helps:

void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        HttpSession session = request.getSession();
        PrintWriter out = response.getWriter();
        try {
 
            out.println("<html>");
            out.println("<body>");
            /*If cookies are not supported, a new session is always created on refresh(F5)*/
            if (session.isNew()) {
                out.println("A new session is created");
                out.println("Session id:"+session.getId());
            } 
            /*If cookies are supported, old session is retained on refresh(F5)*/
            else {
                out.println("This is an old session");
            }
            /*If cookies are not supported, jsessionid is appended else only 'Hello' is printed*/
            out.println("Encoded URL:"+response.encodeURL("Hello"));
            out.println("</body>");
            out.println("</html>");
 
        } finally {
            out.close();
        }
    }