ZeePedia buy college essays online

Web Design and Development

<<< Previous JAVA: Session Tracking 1 Next >>>
Web Design & Development ­ CS506
Lesson 31
Session Tracking
We have discussed the importance of session tracking in the previous handout. Now, we'll discover the
basic techniques used for session tracking. Cookies are one of these techniques and remain our focus in this
handout. Cookies can be used to put small information on the client's machine and can be used for various
other purposes besides session tracking. An example of simple "Online Book Store", using cookies, will
also be surveyed.
As mentioned elsewhere, HTTP is a stateless protocol. Every request is considered independent of every
other request. But many applications need to maintain a conversational state with the client. A shopping
cart is a classical example of such conversational state.
Store State Somewhere
To maintain the conversational state, the straightforward approach is to store the state. But where? These
states either can be stored on server or on client. However, both options have their merits and demerits.
Let's cast a glance on these options:
Storing state on server side makes server really complicated as states needed to be stored for each client.
Some one can imagine how much space and processing is required in this scenario as some web servers are
hit more than hundred times in a second. E.g. Google, Yahoo etc.
What if states are stored on client side in order to maintain a conversation? Do all the clients permit you
doing that? What if client (user) wiped out these states from the machine?
Concluding this discussion, state is stored neither completely on server side nor on client. States are
maintained by the mutual cooperation of both client & server. Generally modern servers give the capability
to store state on the server side and some information (e.g. client ID/state ID) passed from the client will
relate each client with its corresponding state.
In order to maintain the conversational state, server puts little notes (some text, values etc) on the client
slide. When client submits the next form, it also unknowingly submits these little notes. Server reads these
notes and able to recall who the client is.
Three Typical Solutions
Three typical solutions come across to accomplish session tracking. These are:
URL Rewriting
Hidden Fields
What a cookie is?
Don't be tempted? These are not, what you might be thinking off. In fact, in computer terminology, "a
cookie is a piece of text that a web server can store on a client's (user) hard disk".
Cookies allow the web sites to store information on a client machine and later retrieve it. The pieces of
information are stored as name-value pair on the client. Later while reconnecting to the same site (or same
domain depending upon the cookie settings), client returns the same name-value pair to the server.
Cookie's Voyage
To reveal the mechanism of cookies, let's take an example. We are assuming here that the web
application we are using will set some cookies
If you type URL of a Web site into your browser, your browser sends a request for that web page
o  For example, when you type www.amazon.com a request is send to the Amazon's server
Before sending a request, browser looks for cookie files that amazon has set
If browser finds one or more cookie files related to amazon, it will send it along with the
o  If not, no cookie data will be sent with the request
Amazaon web server receives the request and examines the request for cookies
o  If cookies are received, amazon can use them
Web Design & Development ­ CS506
If no cookie is received, amazon knows that you have not visited before or the cookies
that were previously set got expired.
o  Server creates a new cookie and send to your browser in the header of HTTP
Response so that it can be saved on the client machine.
Potential Uses of Cookies
Whether cookies have more pros or cons is arguable. However, cookies are helpful in the following
Identifying a user during an e-commerce session. For example, this book is added into shopping
cart by this client.
Avoiding username and password as cookies are saved on your machine
Customizing a site. For example, you might like email-inbox in a different look form others. This
sort of information can be stored in the form of cookies on your machine and latter can be used to
format inbox according to your choice.
Focused Advertising. For example, a web site can store information in the form of cookies about
the kinds of books, you mostly hunt for.
Sending Cookies to Browser
Following are some basic steps to send a cookie to a browser (client).
1. Create a Cookie Object
A cookie object can be created by calling the Cookie constructor, which takes two strings: the
cookie name and the cookie value.
Cookie c = new Cookie ("name", "value");
2. Setting Cookie Attributes
Before adding the cookie to outgoing headers (response), various characteristics of the cookie can
be set. For example, whether a cookie persists on the disk or not. If yes then how long.
A cookies by default, lasts only for the current user session (i.e. until the user quits the session) and
will not be stored on the disk.
Using setMaxAge(int lifetime) method indicates how much time (in seconds) should elapse before
the cookie expires.
c.setMaxAge(60); // expired after one hour
3. Place the Cookie into HTTP response
After making changes to cookie attributes, the most important and unforgettable step is to add this
currently created cookie into response. If you forget this step, no cookie will be sent to the
Reading Cookies from the Client
To read the cookies that come back from the client, following steps are generally followed.
1. Reading incoming cookies
To read incoming cookies, get them from the request object of the HttpServeltRequest by calling
following method
Cookie cookies[] = request.getCookies();
This call returns an array of Cookies object corresponding to the name & values that came in the
HTT P request header.
2. Looping down Cookies Array
Once you have an array of cookies, you can iterate over it. Two important methods of Cookie class
are getName()& getValue(). These are used to retrieve cookie name and value respectively.
// looping down the whole cookies array
for(int i=0; i<cookies.length; i++) {
// getting each cookie from the arrayCookie c = cookies[i];
// in search for particular cookie
if( c.getName().equals("someName") {
/* if found, you can do something with cookieor with the help of cookie.
If don't want to process further, loop canalso be stopped using break
Web Design & Development ­ CS506
} // end for
Example Code1: Repeat Visitor
In the example below, servlet checks for a unique cookie, named "repeat". If the cookie is present, servlet
displays "Welcome Back". Absence of cookie indicates that the user is visiting this site for the first time
thus servlet displays a message "Welcome Aboard".
This example contains only one servlet "RepeatVisitorServlet.java" and its code is given below. A code
snippet of web.xml is also accompanied.
Note: As a reminder, all these examples are built using netBeans4.1. This IDE will write web.xml for you.
However, here it is given for your reference purpose only, or for those which are not using any IDE to
strengthen their concepts
import java.io.*;import java.net.*;import
javax.servlet.*;import javax.servlet.http.*;
public class RepeatVisitorServlet extends HttpServlet {
// Handles the HTTP <code>GET</code> method.
protected void doGet(HttpServletRequest request,
HttpServletResponse response)throws ServletException, IOException{
processRequest(request, response);
// Handles the HTTP <code>POST</code> method.
protected void doPost(HttpServletRequest request,
HttpServletResponse response)throws ServletException, IOException{
processRequest(request, response);
// called from both doGet() & doPost()
protected void processRequest(HttpServletRequest request,
HttpServletResponse response)throws ServletException, IOException{
PrintWriter out = response.getWriter();
// writing html
out.println("<h2>Cookie Example </h2>");
String msg = "";
boolean repeatVisitor = false;
// reading cookies
Cookie[] cookies = request.getCookies();
// if cookies are returned from request object
if (cookies != null) {//search for cookie -- repeatfor (int i = 0; i < cookies.length; i++) {
// retrieving one cookie out of array
Web Design & Development ­ CS506
Cookie c = cookies[i];
// retrieving name & value of the cookie
String name = c.getName();
String val = c.getValue();
// confirming if cookie name equals "repeat" and
// value equals "yes"
if( name.equals("repeat") && val.equals("yes"))
msg= "Welcome Back";repeatVisitor = true;break;
} // end for
} // end if
// if no cookie with name "repeat" is foundif (repeatVisitor == false){
// create a new cookie
Cookie c1 = new Cookie("repeat", "yes");
// setting time after which cookies expires
// adding cookie to the response
msg = "Welcome Aboard";
// displaying message value
out.println("<h2>" + msg + "</h2>");
out.close();}}// end RepeatVisitorServlet
<?xml version="1.0" encoding="UTF-8"?>
<servlet> <servlet-name> RepeatVisitorServlet </servlet-name><servlet-class> RepeatVisitorServlet
<servlet-mapping><servlet-name> RepeatVisitorServlet </servlet-name><url-pattern> /repeatexample
On first time visiting this URL, an output similar to the one given below would be displayed
Web Design & Development ­ CS506
On refreshing this page or revisiting it within an hour (since the age of cookie was set to 60 mins),
following output should be expected.
Example Code2: Online Book Store using cookies
A scale down version of online book store is going to be built using cookies. For the first time,
cookies will be used to maintain the session.
Three books will be displayed to the user along with check boxes. User can select any check box to add the
book in the shopping cart. The heart of the application is, it remembers the books previously selected by the
The following figure will help you understand the theme of this example. Books displayed under the
heading of "You have selected the following books" were added to cart one after another. The important
thing is server that remembers the previously added books by the same user and thus maintains the session.
Session management is accomplished using cookies.
Web Design & Development ­ CS506
Online Book Store example revolves around one ShoppingCartServlet.java. This Servlet has one global
HashMap (globalMap) in which HashMap of individual user (sessionInfo) are going to be stored. This
(sessionInfo) HashMap stores the books selected by the user.
What's the part of cookies? Cookie (named JSESSIONID, with unique value) is used to keep the unique
sessionID associated with each user. This sessionID is passed back and forth between user and the server
and is used to retrieve the HashMap (sessionInfo) of the user from the global HashMap at the server. It
should be noted here that, HashMaps of individual users are stored in a global HashMap against a
import java.io.*;import java.net.*;import
javax.servlet.*;import javax.servlet.http.*;
public class ShoppingCartServlet extends HttpServlet {
// used to generate a unique value which is
// used as a cookie value
public static int S_ID = 1;
// used to store HashMaps of indiviual users
public static HashMap globalMap = new HashMap();
// Handles the HTTP GET method.
protected void doGet(HttpServletRequest request,
HttpServletResponse response)throws ServletException, IOException{
processRequest(request, response);
Web Design & Development ­ CS506
// Handles the HTTP <code>POST</code> method.
protected void doPost(HttpServletRequest request,
HttpServletResponse response)throws ServletException, IOException{
processRequest(request, response);
// called from both doGet() & doPost()
protected void processRequest(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
// declaring user's HashMap
HashMap sessionInfo = null;String sID = "";
// method findCookie is used to determine whether browser// has send any cookie named
Cookie c = findCookie(request);
// if no cookies named "JSESSIONID" is recieved, means that// user is visiting the site for the first time.
if (c == null) {
// make a unique string
sID = makeUniqueString();
// creating a HashMap where books selected by the// user will be stored
sessionInfo = new HashMap();
// add the user's HashMap (sessionInfo) into the// globalMap against unique string i.e. sID
globalMap.put(sID, sessionInfo);
// create a cookie named "JSESSIONID" alongwith
// value of sID i.e. unique string
Cookie sessionCookie = new Cookie("JSESSIONID", sID);
// add the cookie to the response
} else {
// if cookie is found named "JSESSIONID",// retrieve a HashMap from the globalMap
against// cookie value i.e. unique string which is your//sessionID
sessionInfo = (HashMap) globalMap.get( c.getValue() );
PrintWriter out = response.getWriter();
out.println("<title>Shooping Cart Example</title>");
out.println("<h1>Online Book Store</h1>");
String url ="http://localhost:8084/cookiesessionex/shoppingcartex";
// user will submit the from to the same servlet
out.println("<form action=" + url +">" +"<h3><input type=checkbox name=firstCB value=firstCB
Web Design & Development ­ CS506
/>" +" java core servlts</h3>" +"<br>"+
"<h3><input type=checkbox name=secondCB value=secondCB />" +
" java how to program</h3>" +
"<h3><input type=checkbox name=thirdCB value=thirdCB />" +
" java complete reference</h3>" +
"<input type=submit value=\"Add to Cart\" />" +
out.println("<h1>You have selected followig books</h1>");
//reteriving params of check boxes
String fBook = request.getParameter("firstCB");
String sBook = request.getParameter("secondCB");
String tBook = request.getParameter("thirdCB");
// if first book is selected then add it to
// user's HashMap i.e. sessionInfo
if ( fBook != null && fBook.equals("firstCB") ) {
sessionInfo.put("firstCB", "java core servlets");
// if second book is selected then add it to
// user's HashMap i.e. sessionInfo
if (sBook != null && sBook.equals("secondCB")){sessionInfo.put("secondCB",
"java how to program");}
// if third book is selected then add it to
// user's HashMap i.e. sessionInfo
if (tBook != null && tBook.equals("thirdCB")){sessionInfo.put("thirdCB", "java
complete reference");}
// used to display the books currently stored in
// the user's HashMap i.e. sessionInfo
printSessionInfo(out, sessionInfo);
} // end processRequest() // method used to generate a unique string
public String makeUniqueString(){return "ABC" + S_ID++;}
// returns a reference global HashMap.
public static HashMap findTableStoringSessions(){return globalMap;}
// method used to find a cookie named "JSESSIONID"
Web Design & Development ­ CS506
public Cookie findCookie(HttpServletRequest request){
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for(int i=0; i<cookies.length; i++) {
Cookie c = cookies[i];
if (c.getName().equals("JSESSIONID")){// doSomethingWith cookiereturn c;
return null;
// used to print the books currently stored in// user's HashMap. i.e. sessionInfo
public void printSessionInfo(PrintWriter out,HashMap sessionInfo){
String title = "";
title= (String)sessionInfo.get("firstCB");
if (title != null){
out.println("<h3> "+ title +"</h3>");
title= (String)sessionInfo.get("secondCB");
if (title != null){
out.println("<h3> "+ title +"</h3>");
title= (String)sessionInfo.get("thirdCB");if (title !=
null){out.println("<h3> "+ title +"</h3>");}}
} // end ShoppingCartServlet
<?xml version="1.0" encoding="UTF-8"?>
<servlet> <servlet-name> ShoppingCart </servlet-name><servlet-class> ShoppingCartServlet </servlet-
<servlet-name> ShoppingCart </servlet-name>
<url-pattern> /shoppingcartex </url-pattern>
Java A Lab Course by Umair Javed
Core Servlets and JSP by Marty Hall
Stanford Course ­ Internet Technologies
Java API documentation