Session Tracking in Servlet and its Techniques | Session Tracking Methods

In this tutorial, we will learn What is Session, Session tracking in the servlet, why do we use sessions, and various techniques for Sessions. Usually, there are 4 different techniques to manage the session. Before discussing its techniques in detail let’s first understand the basics of the session.

What is a Session?

The session means a particular interval of time. The data of the session are stored on a server. Usually, Session is a conversation between the client browser and a server.

What is Session Tracking in Servlet?

Session tracking means keeping needful information about the user and his action for a series of conversions. Session tracking is also known as Session Management.

Also, Check:

Why do we use Session?

HTTP is a stateless protocol that means each time a user requests to the server, it treats a new request as shown in the figure given below. It provides no built-in-way for a server to recognize that a sequence of requests all originated for the same user. To maintain the state of a user to recognize particular user session tracking will use. To understand this see the image given below:

Session Tracking in Servlet and its Techniques

Session Tracking Techniques

There are 4 ways to manage the session. We have outlined in detail all 4 session tracking methods for your convenience. They are as such

  1. Cookies
  2. Hidden Form Field
  3. URL Rewriting
  4. HttpSession


Webserver assigns a unique session ID as a cookie to each web client and on client subsequent requests we can identify them as received cookie. This is not that effective as the browser will not always support a cookie and it is better to use this procedure in order to maintain sessions.

Hidden Form Fields

A Webserver can send hidden HTML Format along with unique session ID as such

<input type = "hidden" name = "sessionid" value = "12345">

This entry means after submitting the form, a specified name and value will be automatically included in the GET or POST-Data. You can keep the track of different web browsers using the sesson_id value whenever the web browser sends a request back.

This can be an effective technique to keep track of the session. However, clicking on a regular hypertext link will not result in form submission. Thus, Hidden Form Fields will not even support general session tracking.

URL Rewriting

You can append extra data at the end of each URL which identifies the session that the server can associate with the session identifier with data, it stored regarding the session.

For example, with;sessionid = 12345, the session identifier is attached as session-id = 12345 with which it can be accessed at the webserver for client identification.

URL Rewriting is a better technique to maintain sessions. This works even if the web browser doesn’t support cookies. The only drawback with this method is you need to generate each URL Dynamically to allot a session ID even if you need a simple static HTML Page.

HttpSession Object

Along with the above listed three ways servlet provides HttpSession Interface provides a way to identify a user across more than one page request or visit to a website and stores info regarding the user.

Servlet Container uses this interface to create a session between HTTp Client and HTTP Server. The session exists for a specific time duration over more than one connection or page request from a user.

You can obtain the HttpSession object by calling the public method getSession() of HttpServletRequest, as such

HttpSession session = request.getSession();