Show TOC

Background documentationHTTP Sessions Locate this document in the navigation structure

 

HTTP sessions are a concept that refers to tying a series of client HTTP requests to an application (by default, HTTP is a stateless protocol). They are a powerful technique that most business applications developers use to keep track of client progress across application pages.

Java EE developers can use convenient API to perform session tracking in their Web applications. This API is part of the Java Servlet 2.5 specification. It defines the central HttpSession interface that provides methods for creating and invalidating sessions, viewing and manipulating information that is stored into a session, binding objects to the session, and so on.

The supporting mechanisms that developers can use to exchange session information between the client and the server application are cookies or URL rewriting.

Java EE Web applications developers must keep in mind that:

  • HttpSession object is scoped only at Web application level (that is, it is available for the current ServletContext).

  • When multiple servlets within the same application have access to the same session object, the developer must take care of synchronizing the access to it.