HTTP i.e. Hyper Text Transfer Protocol is a stateless protocol. In simple word, it doesn't remember the state after a single transaction.
Let me give you a concrete real time example to understand this.
First Transaction
YOU: Hi
HTTP: Hello
Second Transaction
You: How are you?
HTTP: Who are you?
HTTP do not remember the state next time.
Now to overcome this, Servlet API has a concept called as Session Tracking. For example let say you have a Travel Portal, user want to book some package and he logs in, but according to the nature of http, it will forget you on the next page, hence to enforce it for remembering you, we will use session object of JSP- Java Server Pages.
I will just give you the flow of the work. You visit login.html where you insert your credentials and the flows move on to LoginAction.jsp and this the page where you set the attribute in the session so that when you go on next page it remembers you. Session looks something like this.
Methods Used of class HttpSession
We set attributes in the session. An attribute can be anything, so the things set in attributes are Objects.
public void setAttribute(String name,Object value)
This methods helps to set the attribute in the session with an assigned name.
For example:
String user="nzartab@gmail.com";
session.setAttribute("username",user);
public Object getAttribute(String name)
- What you set with a name you can get it back with the name. But while getting it back you can get it back in java.lang.Object form,hence you need to cast it back.
For example:
Object o=session.getAttribute("username");
String u=(String)o;
public void invalidate()
- Invalidate method flushes off everything in the session. All the attributes are destroyed and it is back to as a fresh session object. This method is majorly used for logging out.
Let us go through basic examples for the same example.
--------------------------------------login.jsp-----------------------------------------------------------------------
<html>
<body>
<form method="Post" action="LoginAction.jsp">
Username:<input type="text" name="username">
<br>
Password:<input type="password" name="password">
<br>
<br>
<input type="submit" value="Login">
</form>
</body>
</html>
----------------------------------------LoginAction.jsp--------------------------------------------------------------
<html>
<body>
<%
String usernamme=request.getParameter("username");
String password=request.getParameter("password");
if(username.equals("tom")&&password.equals("tommy"))
{
session.setAttribute("user",username);
response.sendRedirect("page1.jsp");
}
else
{
session.invalidate();
response.sendRedirect("login.html");
}
%>
</body>
</html>
---------------------------------------------------------page1.jsp-----------------------------------------------------
<html>
<body>
<%
Object o=session.getAttribute("username");
if(o==null)
{
session.invalidate();
response.sendRedirect();
}
String user=(String)o;
%>
Hello <%= user%>
</body>
</html>
After setting the attribute on LoginAction.jsp, you just need to check on other pages if the login is validated by following lines
Object o=session.getAttribute("username");
if(o==null)
{
session.invalidate();
response.sendRedirect();
}
If the code goes in if block, it will throw the flow from current page to login page.
0 comments:
Post a Comment