Session Management

What is a session? A session is pretty much what it sounds, when a user makes a page request to the server, the server creates a temporary session to identify that user. So when that same user goes to another page on that site, the server identifies that user. So a session is a small and temporary unique connection between a server and the user enabling it to identify that user across multiple page requests or visits to that site. Why should a session be maintained? When there is a series of continuous request and response from a same client to a server, the server cannot identify from which client it is getting requests. Because HTTP is a stateless protocol. When there is a need to maintain the conversational state, session tracking is needed. For example, in a shopping cart application a client keeps on adding items into his cart using multiple requests. When every request is made, the server should identify in which client’s cart the item is to be added. So in this sc


Filters are powerful tools in servlet environment.It process request before it reaches a servlet and can process response before it leaves to a servlet. You can map filters to a URL or a servlet name . When a filter is mapped to a URL (path-mapped), the filter applies to every servlet and JSP in the Web application. When a filter is mapped to a servlet name (servlet-mapped), it applies to a single servlet or JSP. Filters may be used for large number of tasks like compressing response, modifying request and response headers, logging, change the content type, authenticating the user etc. For eg: suppose you want to check whether the user is already logged in or not. If you are using JSP, you have to write the authentication check in another JSP and include it in all JSP pages. Rather than including it in all pages, you may create an authentication filter class and attach it to all JSP pages.    Filters are configured in the deployment descriptor(web.xml) of a web appl