Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
Win a copy of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

what is session ?  RSS feed

Ranch Hand
Posts: 139
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can Some one explain what session means servlet?
When it starts and when it ends ? or
When the session id is created and destroyed ?

"I think, the session or the session id will be the same,
as long as you send the request to the servlet from the same browser instance", Am I correct ?


[ February 03, 2006: Message edited by: Siva kandasamy ]

[ February 03, 2006: Message edited by: Siva kandasamy ]
[ February 04, 2006: Message edited by: Siva kandasamy ]
Ranch Hand
Posts: 130
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

First of all let me tell you why the session is needed. HTTP is a stateless protocol. So, it can't be used to store a state. Session tracking is the answer for that. Now, there are two techniques of session tracking. One is Cookies and the other is by the mean of HttpSession. The second one is widely used which you can say kind of new concept of storing a state of a user session.

Whenever a client sends a request to the server for the first time, a new session instance is created. Here, client means a new instance of a browser. If you've already requested and you're opening a new browser, it'd create a new session object for that browser. Or, if you press ctrl + n to the existing window, a new session would not be created as it was initiated from the previous browser. Now, whatever data being stored by the mean of session, is kept on the server. More preciously, the servlet container maintains a kind of hashmap where the key would be a session id and the value would be an HttpSession object. No need to tell that each id is associated with each "new instanced" browser. Now again there are two techniques of storing this id. First by cookie AND by URL re-writting or hidden elements.

A session id is maintained to retrive session information lied on the server. Everytime, whenever the client request for any resource, along with the request parameters, the session id is being passed as an extra parameter. So, on the server end, the object against that id is being searched from that hashmap and that object is returned if any operation is being made on that session.

An HttpSession object stored on the server is invalidated after a session timeout time. On tomcat, session timeout is 30 mins. So, say if a session is not being accessed, rather from the same browser, for 30 mins, any request has not come, the session would be destroyed. To destroy an HttpSession programatically, invalidate() method can be used.

I hope this would help . There are a lot material available on session. You can search on the web and have a more clear idea.
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!