I have developed a very simple example to illustrate session management:
First I am clarifying that, I haven't written any special code for URL rewritting, so there is only one way to maintain session and that is cookies.
Now, when user will open login.jsp and enter username and password, the request will go to
servlet. Servlet will create session, add id of this session into cookies and add this cookies into response, forward request to welcome.jsp. After completing welcome.jsp, the servlet will respond to the client...
Now, if we click on 'next' link, the same cookies will come with this new request, container will find session as per the session id found in cookies, and go further...
But before clicking on 'next' button, I am deleting all the cookies through browser (means, no cookies will come with this request), but still container is able to manage session. How??? Thanks.
[ July 15, 2006: Message edited by: rathi ji ]
[ July 15, 2006: Message edited by: Bear Bibeault ]