Servlets Session Tracking


  • Session is basically a time frame and tracking means maintaining user data for certain period of time frame.
  • HTTP protocol and web servers are stateless.
  • All requests and responses are independent.
  • Each request to the web server is treated as a new request.
  • Session Tracking is a mechanism used by the web container to store session information for a particular user. It is used to recognize a particular user.

Methods of Session Tracking

There are four techniques used in Session Tracking:
1) Cookies
2) Hidden Form Field
3) URL Rewriting
4) HttpSession

1) Cookies

Cookies are small piece of information sent by web server in response header and gets stored in browser side. A web server can assign a unique session ID to each web client. The cookies are used maintain the session. The client can disable the cookies.

2) Hidden Form Field

The hidden form field is used to insert the information in the webpages and this information is sent to the server. These fields are not viewable to the user directly.

For example:
<input type = hidden'  name = 'session' value = '12345' >

3) URL Rewriting

Append some extra data through URL as request parameters with every request and response. URL rewriting is a better way to maintain session’s management and work for the browsers.

For example:;sessionid=54321

4) HttpSession Object

The HttpSession object represents a user session. The HttpSession interface creates a session between an HTTP client and HTTP server. A user session contains information about the user across multiple HTTP requests.

For example:
HttpSession session = request.getSession( );
Session.setAttribute("username", "password");