The HttpSession Interface in Servlet

What is a session?

In web terminology, a session is simply the limited interval of time in which two systems communicate with each other. The two systems can share a client-server or a peer-to-peer relationship. However, in Http protocol, the state of the communication is not maintained. Hence, the web applications that work on http protocol use several different technologies that comprise Session Tracking, which means maintaining the state (data) of the user, in order to recognize him/her.

In order to achieve session tracking in servlets, cookies have been one of the most commonly used tech. However, they have the following disadvantages:

• They can only keep textual information.
• They’re browser dependent. Hence, if the client disables them, your web application can’t make use of them
• Individual cookie can contain not more than 4kb of information

How to create sessions with a unique session id for each user in java servlet

For this, servlets provide an interface called ‘HttpSession’ Interface. The following diagram explains how Http Sessions work in servlets:

Methods in HttpSession Interface

Advantages of Http Sessions in Servlet

• Any kind of object can be stored into a session, be it a text, database, dataset etc.
• Usage of sessions is not dependent on the client’s browser.
• Sessions are secure and transparent

Disadvantages of Http session

• Performance overhead due to session object being stored on server
• Overhead due to serialization and de-serialization of data

Example of Session tracking using HttpServlet Interface: In the below example the setAttribute() and getAttribute() methods of the HttpServlet class is used to create an attribute in the session scope of one servlet and fetch that attribute from the session scope of another servlet.

• index.html

  
  

  
  
  

  <html> <head> <body> <form action="servlet1">   Name:<input type="text" name="userName"/><br/>   <input type="submit" value="submit"/>   </form>   </body> </html>

• First.java

  
  

  
  
  

  // The first servlet import java.io.*; import javax.servlet.*; import javax.servlet.http.*;    < div class = "noIdeBtnDiv" > public class First extends HttpServlet {        public void doGet(HttpServletRequest request, HttpServletResponse response)     {         try { /*Declaration of the get method*/                response.setContentType("text/html"); // Setting the content type to text             PrintWriter out = response.getWriter();                String n = request.getParameter("userName"); /*Fetching the contents of                                                  the userName field from the form*/             out.print("Welcome " + n); // Printing the username                HttpSession session = request.getSession(); /* Creating a new session*/                session.setAttribute("uname", n);             /*Setting a variable uname                                  containing the value as the fetched                                   username as an attribute of the session                                  which will be shared among different servlets                                  of the application*/                out.print("<a href='servlet2'>visit</a>"); // Link to the second servlet                out.close();         }         catch (Exception e) {             System.out.println(e);         }     } }

• Second.java

  
  

  
  
  

  // The second servlet import java.io.*; import javax.servlet.*; import javax.servlet.http.*;    public class SecondServlet extends HttpServlet {        public void doGet(HttpServletRequest request, HttpServletResponse response) try {         /*Declaration of the get method*/         response.setContentType("text/html");         PrintWriter out = response.getWriter();            HttpSession session = request.getSession(false);         /*Resuming the session created                                          in the previous servlet using                                          the same method that was used                                         to create the session.                                          The boolean parameter 'false'                                         has been passed so that a new session                                         is not created since the session already                                         exists*/            String n = (String)session.getAttribute("uname");         out.print("Hello " + n);            out.close();     }     catch (Exception e) {         System.out.println(e);     } } }

• web.xml

  
  

  
  
  

  <web-app>        <servlet>   <servlet-name>s1</servlet-name>   <servlet-class>First</servlet-class>   </servlet>        <servlet-mapping>   <servlet-name>s1</servlet-name>   <url-pattern>/servlet1</url-pattern>   </servlet-mapping>        <servlet>   <servlet-name>s2</servlet-name>   <servlet-class>Second</servlet-class>   </servlet>        <servlet-mapping>   <servlet-name>s2</servlet-name>   <url-pattern>/servlet2</url-pattern>   </servlet-mapping>        </web-app>

Output:

• index.html :

  

• Servlet1 :

  

• Servlet2 :