How web server identifies the request in Java?

Question

Consider the senario , I am using servlets with httpSession object in servlet and i am adding some data into session object and response sent to client and client sends the request for next servlet page which needs the informaion stored in the session object. Now how a web server can able to notify the request given by the client is linked with perticular session object created at previous request ? Suppose if cookies are disabled ?

Answer 1

Cookies are by far the most popular technique to implement http sessions in Java web servers. Besides cookies, two other techniques can also be used - url rewriting (i.e. appending some extra information to each URL generated by the server, which helps to identify the session) and hidden fields embedded in forms, whose value contains information required to identify the session.

Answer 2

If the cookies are dissabled, the session tracking happens with url rewriting . Every url in the server should be encoded with the session id ( HttpResponse.encodeURL() does this for you).

Another approach is by having an hidden field for the session id. However this will work only for POST requests.

Answer 3

Now how a web server can able to notify the request given by the client is linked with perticular session object created at previous request?

Usually it uses a cookie. The cookie stores a unique identifier which the server associates with a session object.

Have a look in your browser cookie jar, and you'll probably find a jsessionid cookie stored for your site.

---

There are other techniques for implementing sessions using for instance URL rewriting or hidden form fields. Using a cookie is the most common and default technique though.