Java Servlet & JSP Cookbook by Bruce W. Perry

This chapter describes how to monitor sessions in servlets and JSPs. A session represents an interaction between a web user and a web application. The Hypertext Transfer Protocol (HTTP) is a stateless protocol, meaning that it is not designed to maintain state, or the progress of a single user as she interacts with a web server by exchanging HTTP requests and responses. Each request for a JSP or servlet, at least from the HTTP server’s point of view, is considered separate from other requests and not associated with the same user. Many web applications, however, need to follow a user’s progress step by step throughout the application, to keep track of her purchased items and/or preferences.

For example, when a user buys books at Amazon.com, the web site monitors what is added to or removed from the customer’s shopping cart and uses this information during the checkout and payment process. In addition, Amazon.com shows users which books they have looked at during their current session. Sequential visits by a single user to an e-commerce site like this are considered parts of one session.

Web applications commonly use cookies in order to implement sessions. All servlet containers have to support the use of cookies to track sessions, according to the Servlet v2.3 and 2.4 specifications. A cookie is a small piece of information that is stored by the client web browser in response to a response header issued by the web server. Cookies are described ...