by Dinesh Thakur Category: Session

• The limitation with third technique is, if cookies are restricted from coming to browser then third technique fails to perform session tracking because it uses in memory cookie to send session id to browser from web application along with response and to bring session id to web application from browser window along with request.

• To overcome this problem Httpsession is used with URL rewriting which does not use cookies to send and receive session id. Moreover, this technique appends session id to a url that goes to the browser window from web application along with the request. Generally, we append session id to the action url (the action attribute of form tag) of dynamic form page generation code.

res.encodeURL("s2url"); gives s2url; jsessionId:4243541A3F723

This method uses URL appended with current objects session id as shown above.

• By taking above kind of URL of dynamic form page we can perform Http session with URL rewriting based session tracking.

In Servlet program:

pw.println("<form action ="+res.encodeURL("sur1") +"method=get>");

pw.println ("........");

pw.println ("...... ") ;

pw.println("</form>");

Develop the above application

Step 1: Prepare the deployment directory structure of web application

Step 2: Develop the source code of above servlet program or web application.

input.html

<center>

            <form action="srv1" method="get">

                                    Username :<input type="text" name='uname'><br>

                                    Password : <input type="password" name= 'pass' ><br>

                                   <input type='submit' value='login' >

           </form>

</center>

Servlet1.java

import java.io.*;

 import javax.servlet.*;

 import javax.servlet.http.*;

   public class Servlet1 extends HttpServlet

    {

       public void doGet (HttpServietRequest  req,HttpServletResponse res) throws ServletException, IOException

        {

          PrintWriter pw;

          //set content type and other response header fields first

            response.setContentType ("text/html");

          //then write the data of the response

          pw=response.getWriter();

          //get values submitted by the form

          String s1 =request.getParameter("uname");

          String s2=request.getParameter("pass");

          HttpSession hs=request.getSession(true);

          hs.setAttribute("user" ,s1);

          hs.setAttribute("pass",s2);

          pw.println ("<center><b>");

          pw.println("<form action="+response.encodeUrl("srv2")+">");

          pw.println("Enter dob :<input type='text' name='dob'><br>");

          pw.println("Enter place :<input type='text' name='place'><br>");

          pw.println("<input type='submit'value='click'>");

          pw.println("</form><lcenter>");

          pw.close( ) ;

        }

     }

Servlet2.java

 import java.io.*;

 import javax.servlet.*;

 import javax.servlet.http.*;

 import java.util.*;

    public class Servlet2 extends HttpServlet

     {

       public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException

         {

           PrintWriter pw;

           //set content type and other response header fields first

           response.setContentType("text/html");

           //then write the data of the response

           pw=response.getWriter();

           HttpSession hs=request.getSession();

           String s1=request.getParameter("dob");

           String s2=request.getParameter("place");

           Enumeration e=hs.getAttributeNames();

           pw.println("<center><b>");

           while(e.hasMoreElements())

             {

               Object o =e.nextElement();

               String k=o.toString();

               String v=(String)hs.getAttribute(k);

               pw.println("<br>"+v);

               pw.println("<br>"+s1);

               pw.println("<br>"+s2);

               pw.println("<br></center>");

               pw.close( );

              }

         }

      }

web.xml

 <web-app>

     <servlet>

              <servlet-name>f</servlet-name>

              <servlet-class>Servlet1</servlet-class>

    </servlet>

    <servlet-mapping>

              <servlet-name>f</servlet-name>

              <url-pattern>/srvl</url-pattern>

    </servlet-mapping>

    <servlet>

             <servlet-name>s</servlet-name>

             <servlet-class>Servlet2</servlet-class>

    </servlet>

    <servlet-mapping>

             <servlet-name>s</servlet-name>

             <url-pattern>/srv2</url-pattern>

    </servlet-mapping>

 </web-app>

Step 3: Compile the source files of all the servlet programs.

Step 4: Configure all the four servlet programs in web.xml file having four different url patterns.

Step 5: Start the server (Tomcat).

Step 6:Deploy the web application and Copy UrlApp folder to Tomcat_home\ webapps folder.

Step 7: Test the web application.

Open browser window and type this URL: http:/ / /localhost:2020/UrlApp/input. html

Advantages and Disadvantages of httpsession with URL rewriting: Same as httpsession with cookies technique but this technique also works even though cookies are restricted from coming to browser window.

Conclusion on session tracking technique

• While developing large scale and commercial websites which contain huge customer base take support of httpsession technique. Ex:ww.gmail.com,www.yahoomail.com

• While developing medium scale and certain organization based websites which contain limited amount of customers use httpsession with URL rewriting technique.

Example:www.ecomputernotes.com

• We can use multiple session tracking techniques in a single web application development. For example online shopping websites like www.yebhi.comuses, both http cookies, httpsession with URL rewriting techniques.                                                                     

                  |                                               |

 For holding shopping                      For holding login details

  cart information                             (username, password)





About Dinesh Thakur

Dinesh ThakurDinesh Thakur holds an B.SC (Computer Science), MCSE, MCDBA, CCNA, CCNP, A+, SCJP certifications. Dinesh authors the hugely popular blog. Where he writes how-to guides around Computer fundamental , computer software, Computer programming, and web apps. For any type of query or something that you think is missing, please feel free to Contact us.