State and Session Management - PowerPoint PPT Presentation

Slides: 15
Provided by: cse8
Learn more at: https://www.cse.scu.edu
Transcript and Presenter's Notes

1
State and Session Management
  • HTTP is a stateless protocol: it has no memory
    of prior connections and cannot distinguish one
    request from another.
  • The server cannot uniquely identify each user and
    therefore cannot implement user-defined
    preferences.
  • A session is a persistent network connection
    between two hosts, for example, a client and a
    server, to exchange information.
  • An HTTP session is a virtual connection between
    the client and host.
  • A typical HTTP transaction involves:
      • The client establishes a connection to the
        server.
      • The client issues a request to the server.
      • The client receives a response.
      • The connection is closed.

2
  • A virtual connection associates each request with
    the client that issued it.
  • It is required that each client returns a piece
    of state information (session ID or user ID) with
    each request.
  • The server uses the session ID to uniquely
    identify each user and associate it with the
    client's previous requests.
  • A virtual connection, therefore, maintains the
    state and client identity across multiple
    requests (all sharing the same session ID).
  • An HTTP session may expire after a period of
    inactivity.

3
  • State Management is the ability to maintain a
    client's current state by passing the
    client-specific information with each request,
    for example, the user's preference for a
    background color. A server may not uniquely
    identify the client's identity.
  • Session Management maintains both state and
    identity. The association in session management
    exists for a period of time between a client and
    a server across multiple requests.

4
Session Management
  • Storing session Information in the URL Path.
  • Rewritten URLs and hidden Variables
  • Cookies

5
Storing Information in the URL Path
  • Storing Session Information in the URL Path
  • Server sends state information to the client.
  • The client returns the state information with
    each request.
  • The session ID is embedded in the URL path.
  • The following sequence of actions takes place:
      • The client requests the document at
        http://www.users.com/login.html, an HTML form
        for the user's login name and password.
      • When a valid user name and password are
        received, the server generates a unique session
        ID and redirects the client to
        http://www.users.com/sessionID/12345/welcome.htm

6
  • The server parses the path portion of all
    requested URLs for a valid session id.
  • From this point onwards, the hyperlinks within
    all documents returned to the client will use
    only relative URLs. The browser automatically
    fills in the missing protocol, host and path
    information along with the session ID.
  • This feature will work with all browsers
    (including those that do not support cookies).
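The URL-path scheme from the two slides above, as an added example that is not part of the original slides (Python rather than the Servlet API the deck refers to). The `SessionStore` class, the function names and the 15-minute idle timeout are assumptions. The ID comes from a CSPRNG instead of a short number like the 12345 placeholder, and a session expires after inactivity as slide 2 describes.

```python
import secrets
import time

IDLE_TIMEOUT = 15 * 60  # seconds of inactivity before expiry (assumed value)


class SessionStore:
    def __init__(self, idle_timeout=IDLE_TIMEOUT, clock=time.monotonic):
        self._sessions = {}  # session id -> [user, last-seen time]
        self._idle_timeout = idle_timeout
        self._clock = clock

    def create(self, user):
        # 128 random bits from the OS CSPRNG; URL-safe, so it fits in a path.
        sid = secrets.token_urlsafe(16)
        self._sessions[sid] = [user, self._clock()]
        return sid

    def lookup(self, sid):
        entry = self._sessions.get(sid)
        if entry is None:
            return None  # unknown or already expired id
        if self._clock() - entry[1] > self._idle_timeout:
            del self._sessions[sid]  # idle too long: drop the session
            return None
        entry[1] = self._clock()  # activity resets the idle timer
        return entry[0]


def login_redirect(store, user):
    """Location header value sent after a successful login."""
    return f"/sessionID/{store.create(user)}/welcome.htm"


def resolve(store, path):
    """Parse /sessionID/<id>/<document>; return (user, document) or None."""
    parts = path.split("/", 3)
    if len(parts) != 4 or parts[0] != "" or parts[1] != "sessionID":
        return None
    user = store.lookup(parts[2])
    if user is None:
        return None
    return user, parts[3]
```

Because the ID is part of every URL, it also appears in browser history, server logs and `Referer` headers, which is one reason the idle timeout matters for this scheme.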

7
Rewritten URLs
  • Rewritten URLs pass state information between the
    client and the server by embedding information in
    the URL of all hyperlinks within an HTML
    document.
  • An example scenario
  • 1. The server presents the client with a form to
    choose the background color.
  • <P> Please select a background color
  • <A HREF="OrderServlet?bcolor=blue">BLUE</A>
  • <A HREF="OrderServlet?bcolor=green">GREEN</A>

8
Rewritten URLs
  • 2. The color preference is transmitted between the
    client and the server with each request.
  • The HTML form below is returned to the client
  • <HTML>
  • <BODY BGCOLOR="0000FF"> <!-- background is blue -->
  • <P>Please select from the list below</P>
  • <A HREF="/catalog.htm?bcolor=blue">Book
    Catalog</A>
  • <A HREF="search.htm?bcolor=blue">Search The
    site</A>
  • The server added the query string bcolor=blue to
    every hyperlink in the document.

9
Rewritten URLs
  • Instead of storing a client's preference, a
    session ID can be used in place of the preference,
    for session management.
  • Rewritten URLs are effective only when the client
    follows a hyperlink. If the form is submitted
    without following the hyperlink, the
    state/session information is not passed to the
    server.

10
Hidden Variables
  • Hidden variables in an HTML form operate like
    other input fields (Text fields, check boxes,
    radio buttons) and transmit information as
    name/value pairs.
  • The hidden fields are not visible to the
    client (hence the client cannot modify them).
  • Hidden variables work only when the client
    submits the HTML form.

11
Example
  • 1. The server presents the client with a form to
    choose the background color.
  • <FORM ACTION="SomeServlet" METHOD="POST">
  • <INPUT TYPE="RADIO" NAME="bcolor" VALUE="blue">BLUE
  • 2. On receiving the HTML form, the server
    extracts the value of bcolor and constructs the
    next HTML page and sets the background to blue.
    The color preference is stored in a hidden
    variable in the document.
  • <BODY BGCOLOR="0000FF">
  • <FORM ACTION="SomeServlet" METHOD="POST">
  • <P>Please enter your last name
  • <INPUT TYPE="TEXT" NAME="name" SIZE="25">
  • <INPUT TYPE="HIDDEN" NAME="bcolor" VALUE="blue">

12
Rewritten URLs and Hidden variables
  • It is sometimes necessary to use both rewritten
    URLs and hidden variables to maintain state and
    session with HTTP.
  • All hyperlinks will contain session ID.
  • All HTML forms will contain hidden variables with
    Session ID.

13
Using Rewritten URLs and Hidden Variables
  • A typical scenario of events:
      • The user requests a page from a web site.
      • The server returns an HTML form prompting the
        user to enter his/her name and email address and
        preferred background color. The HTML form
        contains a hidden variable that holds a session
        ID for this client.
      • The user completes the form and clicks the submit
        button.
      • The user's input is sent to the server along with
        the session ID.
      • The server extracts the user's name, email
        address, color preference and session ID from
        the request and stores them in a DB.
      • An HTML document containing the same session id
        is stored in all hidden fields and URLs for all
        hyperlinks
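Hidden fields and rewritten URLs both pass through the client, which receives them in the page source and chooses what to send back, so a server that acts on returned state can authenticate it first. The sketch below is an added example, not code from the slides, and is in Python rather than the Servlet API. It attaches an HMAC to the `bcolor` value in both carriers and rejects a value whose MAC does not verify. `SERVER_KEY`, the `_mac` field suffix and the function names are assumptions.

```python
import hashlib
import hmac
import html
import secrets
from urllib.parse import parse_qs, urlencode

# Server-side secret, never sent to the client (constructed for this example).
SERVER_KEY = secrets.token_bytes(32)


def _tag(name, value):
    """HMAC-SHA256 over 'name=value', hex encoded."""
    msg = f"{name}={value}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def hidden_field(name, value):
    """Render a hidden input plus a companion field holding its MAC."""
    n = html.escape(name, quote=True)
    v = html.escape(value, quote=True)
    return (f'<INPUT TYPE="HIDDEN" NAME="{n}" VALUE="{v}">'
            f'<INPUT TYPE="HIDDEN" NAME="{n}_mac" VALUE="{_tag(name, value)}">')


def rewrite_link(href, name, value):
    """Append the state and its MAC to a hyperlink's query string."""
    sep = "&" if "?" in href else "?"
    return href + sep + urlencode({name: value, name + "_mac": _tag(name, value)})


def read_state(body, name):
    """Return the value from a query string or POST body only if its MAC verifies."""
    fields = parse_qs(body)
    value = fields.get(name, [None])[0]
    mac = fields.get(name + "_mac", [""])[0]
    if value is None:
        return None
    # Constant-time comparison; bytes so non-ASCII input cannot raise.
    if not hmac.compare_digest(mac.encode(), _tag(name, value).encode()):
        return None
    return value
```

A MAC stops a changed value from being accepted but not the replay of an old valid one; including the session ID in the MAC input ties a value to one session.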

14
Cookies
  • Cookies offer a mechanism to store state
    information on the client.
  • The server instructs the client to store some
    amount of state information.
  • The information stored at the client is returned
    to the server with each request.
  • Advantages:
      • It is not necessary to return the session
        information to the client as is necessary with
        rewritten URLs and hidden variables.
      • Cookies do not require parsing of the requested
        URL.
      • Cookie information is extracted from the client
        request using simple Servlet API methods.