Javatpoint Logo
Javatpoint Logo

Session Tracking in Java

In the world of the web, a session is the amount of time in which any two systems interact with each other. Those two systems can have a peer-to-peer or client-server relationship with each other. However, the problem is, in HTTP protocol, the state of the communication is not maintained, i.e., HTTP is a stateless protocol. Session Tracking in Java is used to tackle this problem with the help of servlets.


To accomplish session tracking in the Java, one of the most commonly used techs is cookies. The cookies have information in the form of key-value pair. It sent by the server to the client's browser. It is saved by the browsers in the client system. However, cookies are not effective for tracking the session. The disadvantages of the cookies are:

1) Only the textual information can be kept by cookies.

2) Cookies are browser-dependent. Therefore, if someone on the client-side disables the cookies, then the web application can never make use of the cookies.

3) An individual cookie cannot contain a lot of information. The size of an individual cookie cannot exceed 4kb.

HttpSession Interface

The Java servlets provide the HttpSession Interface that gives a way to spot a particular user among multiple page requests or to keep the information about that user. In fact, the Java servlets use the HttpSession interface to establish a connection between the HTTP server and the HTTP client.

The HttpSession interface facilitates the servlets to:

  • Manipulate and view the information about any session, such as the creation time, the session identifier, and the last accessed time.
  • Binding objects to the session, hence; allowing the information about a user to be persistent across the multiple connections.

The following diagram shows the working of the HttpSession interface in a session.

Session Tracking in Java

User A and User B both are requesting to connect to a server. The servlet container uses the HttpSession interface to connect to the server by creating a unique id for each request. The unique id is used to identify a user. The unique id can be stored in a request parameter or in a cookie.

Methods of HttpSession Interface

Method Name Description
public HttpSession getSession(Boolean create) The method fetches the session that is associated with the request. If the session is not present, the method created a new session based on the Boolean value create, which is passed as an argument to the method.
public HttpSession getSession() The method returns a session if the session is already present; otherwise, a new session is created then returned.
public long getCreationTime() The time at which the session is created is being returned by this method.
public String getId() The method returns the unique id, which is unique.
public long getLastAccessedTime() The last time at which the session is accessed is being returned by this method.
public boolean isNew() When the client prefers not to join the session or if the client does not know already about the session, then the method returns true; otherwise, false.
void invalidate() The method first invalidates the session, then unbinds the object associated with the session.

Implementation of Session Tracking in Java

The following programs shows how to implement session tracking. In the example, we have created four files.

1) index.html

2) web.xml



FileName: index.html



Follow the steps given below to run the program.

Step 1: Install the Apache Tomcat application. Go inside the webapps folder of the Tomcat application, and create a folder of your choice. We have created a MyProject folder.

Session Tracking in Java

Step 2: Inside the MyProject folder, create a WEB-INF folder, and inside the WEB-INF folder, create a classes folder.

Step 3: Now, Compile the above-mentioned Java files using the javac command. Keep the generated .class files in the classes folder.

Session Tracking in Java

Step 4: Now, move outside the classes folder, and create the web.xml file in the WEB-INF folder. Observe the following snapshot.

Session Tracking in Java

Step 5: Along with the WEB-INF folder, keep the index.html file.

Session Tracking in Java

Step 6: Our application setup is ready. Now, we have to launch the application. To do so, move to the bin folder.

Session Tracking in Java

Step 7: Inside the bin folder, click on the Tomcat10.exe

Session Tracking in Java

Step 8: The Apache Tomcat server has been launched. The Tomcat server usually listens on port number 8090. Therefore, we have to provide the same port number in the URL. To do so, go to the browser and in the URL bar, write localhost:8090, and press enter. You will see the following.

Session Tracking in Java

Step 9: Now, add /MyProject to the URL. Thus, the new URL will be localhost:8090/MyProject. After pressing the enter button, the index.html file comes into action, and the form is shown on the browser.

Session Tracking in Java

Step 10: Now write the name of your choice, and click on "Press the Button", we get the following.

Session Tracking in Java

Step 11: Observe the URL, it shows servletA. It is because of the action attribute present in the index.html file. Now click on "Press Here".

Session Tracking in Java

Now, we moved to servletB. The URL confirms the same. It is because of the anchor tag present in the file.

Explanation: In the above code, the getAttribute() and setAttribute() methods are from the HttpSession interface. The setAttribute() method creates an attribute in the session scope of the first servlet, and the getAttribute() receives the same attribute in the session scope of the second servlet. That's why the same is reflected on the servletA as well as on the servletB.

Advantages of Using Http Sessions in a Servlet

1) Various sorts of objects can be kept in the session, such as dataset, database, and text.

2) Unlike cookies, the dependency of the client's browser has been completely removed on the usage of the sessions. To achieve that, a session object is kept on the server instead of on the client's machine.

3) Sessions are transparent and secure.

Disadvantages of Using Http Sessions in a Servlet

1) The session object is kept on the server-side, which leads to the performance overhead.

2) The de-serialization or serialization of data also gives performance overhead.

Note: The import statements present in the .java files contain the word jakarta. The word jakarta is dependent on the servlet-api.jar file. In our case, when we unzipped the servlet-api.jar file, we got the jakarta folder. Hence, we mentioned jakarta in the import statements. Other versions of the tomcat server may contain the servlet-api.jar file which shows the javax folder upon unzipping it. In such a case, one should go with the javax word instead of the jakarta in the import statements.

Youtube For Videos Join Our Youtube Channel: Join Now


Help Others, Please Share

facebook twitter pinterest

Learn Latest Tutorials


Trending Technologies

B.Tech / MCA