Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Session identification

 
Sumit Bansal
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

HttpServletRequest interface has a method named getSession()
which says it returns the current session associated with this request, or if the request does not have a session, creates one.

My question is how is it identified by server, I mean the session belong to the current request?

Where does it search for the session which belongs to current request?

thank you
 
Marco Ehrentreich
best scout
Bartender
Posts: 1294
IntelliJ IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Sumit,

Session tracking for servlet containers works similar to session tracking in "ordinary" HTTP servers. Servlet containers may use cookies to identify clients by the generated session ID stored in the cookie. As a fallback solution it's also possible to use URL rewriting to encode the session ID into the URL. For SSL connections the container may additionally use the session mechanism integrated in the SSL protocols.

Marco
 
Sumit Bansal
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Marco,

Thanks for reply.

one more query.. If a user login to an application using two different browser from same machine, would the same session Id be generated by container or there will be two different session id?
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Sumit Bansal:
If a user login to an application using two different browser from same machine, would the same session Id be generated by container or there will be two different session id?


1.two different browser-----------> then two different session id

2.two different window from same browser-----------> then only one session id

Hope this helps
 
Juva Yuva
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by seetharaman venkatasamy:


1.two different browser-----------> then two different session id

2.two different window from same browser-----------> then only one session id

Hope this helps


And thats why session attributes are not thread-safe
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic