Java Reference
In-Depth Information
Using URL Encoding versus Using Cookies
By default, the servlet API uses a cookie to store the session ID,
and the browser passes the cookie to the server with each request.
No additional coding is needed for session tracking using the
default cookie. The only drawback is that the browser must be set
to accept cookies or this type of session tracking will not work.
Session identifiers instead can be sent to the browser using URL
encoding, also called URL rewriting, which involves writing code
to add the session ID to the URL for every transaction. URL
encoding works regardless of the browser cookie setting; however,
it requires more coding effort and also displays the session ID in
the URL.
The following step enters the code to implement session tracking with
HTTP by obtaining a session and using session attributes.
To Implement Session Tracking with HTTP
1.
Click the Save button on the Standard toolbar to save the program.
Enter lines 89 through 103 as shown in Figure 12-22.
TextPad displays the code to obtain a session object and then get and
remove session attributes (Figure 12-23). If a requested session attribute
is null, then that attribute is not stored. Because the program is lengthy,
the entered code should be saved regularly, even before the program is
complete.
session object
getAttribute() method
removeAttribute()
method
FIGURE 12-23
Redirecting an HTTP Request
Recall that user validation, as well as most subsequent requests, uses the
servlet as a controller. Parameters and session attributes are used to help the
servlet direct the next appropriate action for the application. In most cases,
this involves performing some function in the servlet and then forwarding the
request to the appropriate HTML page or JavaServer Page. To
forward
a request
involves sending the current request and response objects so that the receiving
Search WWH ::
Custom Search