JavaServer Pages

JavaServer Pages (JSP) is a Java technology that allows software developers to

dynamically generate HTML, XML or other types of documents in response to a Web
client request. The technology allows Java code and certain pre-defined actions to be
embedded into static content.

The JSP syntax adds additional XML-like tags, called JSP actions, to be used to invoke
built-in functionality. Additionally, the technology allows for the creation of JSP tag
libraries that act as extensions to the standard HTML or XML tags. Tag libraries provide
a platform independent way of extending the capabilities of a Web server.

JSPs are compiled into Java Servlets by a JSP compiler. A JSP compiler may generate a
servlet in Java code that is then compiled by the Java compiler, or it may generate byte
code for the servlet directly. JSPs can also be interpreted on-the-fly reducing the time
taken to reload changes.

[edit] JSP and Servlets

Architecturally, JSP can be viewed as a high-level abstraction of servlets that is
implemented as an extension of the Servlet 2.1 API. Both servlets and JSPs were
originally developed at Sun Microsystems, initially created by Manohar Rao Mankala
and later elaborated on as a specification by Satish Dharmaraj. Starting with version 1.2
of the JSP specification, JavaServer Pages have been developed under the Java
Community Process. JSR 53 defines both the JSP 1.2 and Servlet 2.3 specifications and
JSR 152 defines the JSP 2.0 specification. As of May 2006 the JSP 2.1 specification has
been released under JSR 245 as part of Java EE 5.

[edit] JSP syntax

A JavaServer Page may be broken down into the following pieces:

• static data such as HTML

• JSP directives such as the include directive
• JSP scripting elements and variables
• JSP actions
• custom tags with correct library

JSP directives control how the JSP compiler generates the servlet. The following
directives are available:

include
The include directive informs the JSP compiler to include a complete file into the
current file. It is as if the contents of the included file were pasted directly into the
original file. This functionality is similar to the one provided by the C
 preprocessor. Included files generally have the extension "jspf" (for JSP
Fragment):
<%@ include file="somefile.jspf" %>
page
There are several options to the page directive.
import
Results in a Java import statement being inserted into the resulting file.
contentType
specifies the content that is generated. This should be used if HTML is not used or
if the character set is not the default character set.
errorPage
Indicates the page that will be shown if an exception occurs while processing the
HTTP request.
isErrorPage
If set to true, it indicates that this is the error page. Default value is false.
isThreadSafe
Indicates if the resulting servlet is thread safe.
autoFlush
To autoflush the contents.A value of true, the default, indicates that the buffer
should be flushed when it is full. A value of false, rarely used, indicates that an
exception should be thrown when the buffer overflows. s will be used, and
attempts to access the variable session will result in errors at the time the JSP page
is translated into a servlet.
buffer
To set Buffer Size. The default is 8k and it is advisable that you increase it.
isELIgnored
Defines whether EL expressions are ignored when the JSP is translated.
language
Defines the scripting language used in scriptlets, expressions and declarations.
Right now, the only possible value is "java".
extends
Defines the superclass of the class this JSP will become. You won't use this unless
you REALLY know what you're doing - it overrides the class hierarchy provided
by the Container.
info
Defines a String that gets put into the translated page, just so that you can get it
using the generated servlet's inherited getServletInfo() method.
pageEncoding
Defines the character encoding for the JSP. The default is "ISO-8859-1"(unless
the contentType attribute already defines a character encoding, or the page uses
XML document syntax).
<%@ page import="java.util.*" %> //example import
<%@ page contentType="text/html" %> //example contentType
<%@ page isErrorPage=false %> //example for non error page
<%@ page isThreadSafe=true %> //example for a thread safe JSP
<%@ page session=true %> //example for using session binding
<%@ page autoFlush=true %> //example for setting autoFlush
<%@ page buffer=20 %> //example for setting Buffer Size
 Note: Only the "import" page directive can be used multiple times in the same
JSP.
taglib
The taglib directive indicates that a JSP tag library is to be used. The directive
requires that a prefix be specified (much like a namespace in C++) and the URI
for the tag library description.
<%@ taglib prefix="myprefix" uri="taglib/mytag.tld" %>

[edit] JSP scripting elements and objects

[edit] JSP implicit objects

The following JSP implicit objects are exposed by the JSP container and can be
referenced by the programmer:

out
The JSPWriter used to write the data to the response stream.
page
The servlet itself.
pageContext
A PageContext instance that contains data associated with the whole page. A
given HTML page may be passed among multiple JSPs.
request
The HttpServletRequest object that provides HTTP request information.
response
The HTTP response object that can be used to send data back to the client.
session
The HTTP session object that can be used to track information about a user from
one request to another.
config
Provides servlet configuration data.
application
Data shared by all JSPs and servlets in the application.
exception
Exceptions not caught by application code .

[edit] Scripting elements

There are three basic kinds of scripting elements that allow java code to be inserted
directly into the servlet.

• A declaration tag places a variable definition inside the body of the java
servlet class. Static data members may be defined as well. Also inner classes
should be defined here.

<%! int serverInstanceVariable = 1; %>

Declaration tags also allow methods to be defined.

<%!
/**
* Converts the Object into a string or if
* the Object is null, it returns the empty string.
*/
public String toStringOrBlank( Object obj ){
if(obj != null){
return obj.toString();
}
return "";
}
%>

• A scriptlet tag places the contained statements inside the _jspService()

method of the java servlet class.

<% int localStackBasedVariable = 1;

out.println(localStackBasedVariable); %>

• An expression tag places an expression to be evaluated inside the java servlet

class. Expressions should not be terminated with a semi-colon .

<%= "expanded inline data " + 1 %>

• Also we can use the following tag to give comments in jsp:

<%-- give your comments here --%>

[edit] JSP actions

JSP actions are XML tags that invoke built-in web server functionality. They are executed
at runtime. Some are standard and some are custom (which are developed by Java
developers). The following list contains the standard ones:

jsp:include
Similar to a subroutine, the Java servlet temporarily hands the request and
response off to the specified JavaServer Page. Control will then return to the
current JSP, once the other JSP has finished. Using this, JSP code will be shared
between multiple other JSPs, rather than duplicated.
jsp:param
Can be used inside a jsp:include, jsp:forward or jsp:params block. Specifies a
parameter that will be added to the request's current parameters.
jsp:forward
Used to hand off the request and response to another JSP or servlet. Control will
never return to the current JSP.
jsp:plugin
 Older versions of Netscape Navigator and Internet Explorer used different tags to
embed an applet. This action generates the browser specific tag needed to include
an applet.
jsp:fallback
The content to show if the browser does not support applets.
jsp:getProperty
Gets a property from the specified JavaBean.
jsp:setProperty
Sets a property in the specified JavaBean.
jsp:useBean
Creates or re-uses a JavaBean available to the JSP page.

[edit] Examples of tags

[edit] jsp:include

<html>
<head></head>
<body>
<jsp:include page="mycommon.jsp" >
<jsp:param name="extraparam" value="myvalue" />
</jsp:include>
name:<%=request.getParameter("extraparam")%>
</body>
</html>

[edit] jsp:forward

<jsp:forward page="subpage.jsp" >

<jsp:param name="forwardedFrom" value="this.jsp" />
</jsp:forward>

In this forwarding example, the request is forwarded to "subpage.jsp". The request

handling does not return to this page.

[edit] jsp:plugin

<jsp:plugin type=applet height="100%" width="100%"

archive="myjarfile.jar,myotherjar.jar"
codebase="/applets"
code="com.foo.MyApplet" >
<jsp:params>
<jsp:param name="enableDebug" value="true" />
</jsp:params>
<jsp:fallback>
Your browser does not support applets.
</jsp:fallback>
</jsp:plugin>

The plugin example illustrates a <html> uniform way of embedding applets in a web
page. Before the advent of the <OBJECT> tag, there was no common way of embedding
applets. Currently, the jsp:plugin tag does not allow for dynamically called applets. For
example, jsp:params cannot be used with a charting applet that requires the data points to
be passed in as parameters unless the number of data points is constant. You cannot, for
example, loop through a ResultSet to create the jsp:param tags. Each jsp:param tag must
be hand-coded. However, each of those jsp:param tags can have a dynamic name and a
dynamic value.

[edit] jsp:useBean

<jsp:useBean id="myBean" class="com.foo.MyBean" scope="request" />

<jsp:getProperty name="myBean" property="lastChanged" />
<jsp:setProperty name="myBean" property="lastChanged" value="<%= new
Date()%>" />

The scope attribute can be request, page, session or application. It has the following
meanings:

request
the attribute is available for the lifetime of the request. Once the request has been
processed by all of the JSPs, the attribute will be de-referenced.
page
the attribute is available for the current page only.
session
the attribute is available for the lifetime of the user's session.
application
the attribute is available to every instance and is never de-referenced. Same as a
global variable.

The example above will use a Bean Manager to create an instance of the class
com.foo.MyBean and store the instance in the attribute named "myBean". The attribute
will be available for the life-time of the request. It can be shared among all of the JSPs
that were included or forwarded-to from the main JSP that first received the request.

[edit] JSP Tag Libraries

In addition to the pre-defined JSP actions, developers may add their own custom actions
using the JSP Tag Extension API. Developers write a Java class that implements one of
the Tag interfaces and provide a tag library XML description file that specifies the tags
and the java classes that implement the tags.

Consider the following JSP.

<%@ taglib uri="mytaglib.tld" prefix="myprefix" %>

...
<myprefix:myaction> <%-- the start tag %>
...
</myprefix:myaction> <%-- the end tag %>
...
The JSP compiler will load the mytaglib.tld XML file and see that the tag 'myaction' is
implemented by the java class 'MyActionTag'. The first time the tag is used in the file, it
will create an instance of 'MyActionTag'. Then (and each additional time that the tag is
used), it will invoke the method doStartTag() when it encounters the starting tag. It looks
at the result of the start tag, and determines how to process the body of the tag. The body
is the text between the start tag and the end tag. The doStartTag() method may return one
of the following:

SKIP_BODY
The body between the tag is not processed.
EVAL_BODY_INCLUDE
Evaluate the body of the tag.
EVAL_BODY_TAG
Evaluate the body of the tag and push the result onto stream (stored in the body
content property of the tag).

Note: If tag extends the BodyTagSupport class, the method doAfterBody() will be called
when the body has been processed just prior to calling the doEndTag(). This method is
used to implement looping constructs.

When it encounters the end tag, it invokes the doEndTag() method. The method may
return one of two values:

EVAL_PAGE
This indicates that the rest of the JSP file should be processed.
SKIP_PAGE
This indicates that no further processing should be done. Control leaves the JSP
page. This is what is used for the forwarding action.

The myaction tag above would have an implementation class that looked like something
below:

public class MyActionTag extends TagSupport {

//Releases all instance variables.
public void release() {...}

public MyActionTag() { ... }

//called for the start tag

public int doStartTag() { ... }

//called at the end tag

public int doEndTag(){ ... }
}

Add Body Tag description.

If you want to iterate the body a few times, then the java class (tag handler) implements
IterationTag interface. It returns EVAL_BODY_AGAIN - which means to invoke the
body again.

[edit] JSP Standard Tag Library (JSTL)

The JavaServer Pages Standard Tag Library (JSTL), is a component of the Java EE Web
application development platform. It extends the JSP specification by adding a tag library
of JSP tags for common tasks, such as XML data processing, conditional execution, loops
and internationalization.

[edit] Internationalization
Internationalization in JSP is accomplished the same way as in a normal Java application,
that is by using resource bundles.

[edit] JSP 2.0

The new version of the JSP specification includes new features meant to improve
programmer productivity. Namely:

• An Expression Language (EL) which allows developers to create Velocity-

style templates (among other things).
• A faster/easier way to create new tags.

Hello, ${param.visitor} <%-- same as: Hello,

<%=request.getParameter("param").getVisitor()%> --%>

[edit] Model-view-controller paradigm

Sun recommends that the Model-view-controller pattern be used with the JSP files in
order to split the presentation from request processing and computer data storage. Either
regular servlets or separate JSP files are used to process the request. After the request
processing has finished, control is passed to a JSP used only for creating the output.
There are several platforms based on Model-view-controller pattern for web tiers (such as
Barracuda, Apache Struts or Spring framework).

[edit] Example
Regardless of whether the JSP compiler generates Java source code for a servlet or emits
the byte code directly, it is helpful to understand how the JSP compiler transforms the
page into a Java servlet. For example, consider the following input JSP and its resulting
generated Java Servlet.
Input JSP

<%@ page errorPage="myerror.jsp" %>

<%@ page import="com.foo.bar" %>

<html>
<head>
<%! int serverInstanceVariable = 1;%>

<% int localStackBasedVariable = 1; %>

<table>
<tr><td><%= toStringOrBlank( "expanded inline data " + 1 ) %></td></tr>

Resulting servlet

package jsp_servlet;
import java.util.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.jsp.*;
import javax.servlet.jsp.tagext.*;

import com.foo.bar; //imported as a result of <%@ page

import="com.foo.bar" %>
import ...

class _myservlet implements javax.servlet.Servlet,

javax.servlet.jsp.HttpJspPage {
//inserted as a
//result of <%! int serverInstanceVariable = 1;%>
int serverInstanceVariable = 1;
...

public void _jspService( javax.servlet.http.HttpServletRequest

request,
javax.servlet.http.HttpServletResponse response )
throws javax.servlet.ServletException,
java.io.IOException
{
javax.servlet.ServletConfig config = ...;//get the servlet config
Object page = this;
PageContext pageContext = ...;//get the page context for this
request
javax.servlet.jsp.JspWriter out = pageContext.getOut();
HttpSession session = request.getSession( true );
try {
out.print( "<html>\r\n" );
out.print( "<head>\r\n" );
...
//from <% int localStackBasedVariable = 1; %>
int localStackBasedVariable = 1;
...
out.print( "<table>\r\n" );
out.print( " <tr><td>" );
 //from <%= toStringOrBlank( "expanded inline data " + 1 ) %>
out.print( toStringOrBlank( "expanded inline data " + 1 ) );
out.print( " </td></tr>\r\n" );
...
} catch ( Exception _exception ) {
//clean up and redirect to error page in <%@ page
errorPage="myerror.jsp" %>
}
}
}

[hide] Java
Java platform Java ME · Java SE · Java EE · Java Card
Java programming language · Squawk · Java
Sun technologies Development Kit · OpenJDK · Java Virtual Machine ·
Java Runtime Environment · JavaFX
GNU Classpath · GNU Compiler for Java · Kaffe ·
Major third-party technologies Apache Harmony · Apache Struts · Spring
framework · Hibernate · JBoss application server
Java version history · Criticism of Java · Java
History Community Process · Sun Microsystems · Free Java
implementations
Bytecode · Syntax · Applets · Servlets · JavaServer
Language features
Pages · Web Start
Java Tcl · Jython · JRuby · BeanShell · Groovy ·
Scripting languages Judoscript · Sleep · Bean Scripting Framework ·
Yoix · Rhino

JSP Environment

Enterprise Java JSPs or Servlets--Which Architecture is Right for You? SINCE

THE INTRODUCTION of JSP technology, two architectures have emerged for building
server-side Web applications in Java. The first involves JSPs only, and the second uses
JSPs and Servlets together. Referred to as Model 1 and Model 2 architectures,
respectively, each model has its advantages and disadvantages. The Model 2
architecture has become quite popular recently, and has received a great deal of
coverage on the Web and in trade magazines. In fact, many developers mistakenly
believe this architecture has replaced the Model 1 architecture and is the "right" way to
use JSPs.
Understanding JavaServer Pages Model 2 architecture By developing a familiar
Web-based shopping cart, you'll learn how to utilize the Model-View-Controller (MVC)
design pattern and truly separate presentation from content when using JavaServer
Pages. Govind Seshadri shows you out how easy it can be
JSP Architecture When Sun introduced Java ServerPages, some were quick to claim
that Servlets had been replaced as the preferred request handling mechanism in web-
enabled enterprise architectures. Although JSP is a key component of the Java 2
Platform Enterprise Edition (J2EE) specification, serving as the preferred request
handler and response mechanism, we must investigate further to understand its
relationship with Servlets
More on JSP Architecture This chapter will examine a variety of ways to architect a
system with JavaServer Pages, Servlets, and JavaBeans. We will see a series of
different architectures, each a development of the one before. The diagram below
shows this process in outline; the individual parts of the diagram will be explained in
turn later in the chapter.
JAVASERVER PAGESTM Powering the Web Experience with Dynamic Content
With JavaServer PagesTM (JSPTM) technology, Sun makes creating dynamic HTML and
XML Web pages even simpler. JSP technology is a major extension of Java Servlet
technology that makes building and maintaining dynamic pages much easier, and
supports the distributed development model common in larger enterprises. JSP
technology opens up dynamic pages to a wide range of page authors, while offering all
of the benefits of the Java platform.
JSP Professional, Chapter 12 JSP/Servlets Architecture Quiz This short quiz is
based on JSP Professional: Chapter 12, JSP Architecture. Test your knowledge on the
differences between servlets and JavaServer PagesTM (JSPTM), factor forward-factor
back, page-centric versus the dispatcher approach, and more. Then read the source
code and see how this quiz was developed.
JSP Architecture The JDC is pleased to present two chapters from Professional JSP:
Using JavaServer Pages, Servlets, EJB, JNDI, JDBC, XML, XSLT, and WML to create
dynamic and customizable web content, by multiple authors (see below), and
published in May 2000 by Wrox Press Ltd.
Case Study: J2EE, EJBs, and Tag Libraries The JDC is pleased to present two
chapters from Professional JSP: Using JavaServer Pages, Servlets, EJB, JNDI, JDBC,
XML, XSLT, and WML to create dynamic and customizable web content, by multiple
authors (see below), and published in May 2000 by Wrox Press Ltd.

JSP Directives

Enterprise Java JSPs or Servlets--Which Architecture is Right for You? SINCE

THE INTRODUCTION of JSP technology, two architectures have emerged for building
server-side Web applications in Java. The first involves JSPs only, and the second uses
JSPs and Servlets together. Referred to as Model 1 and Model 2 architectures,
respectively, each model has its advantages and disadvantages. The Model 2
architecture has become quite popular recently, and has received a great deal of
coverage on the Web and in trade magazines. In fact, many developers mistakenly
believe this architecture has replaced the Model 1 architecture and is the "right" way to
use JSPs.
Understanding JavaServer Pages Model 2 architecture By developing a familiar
Web-based shopping cart, you'll learn how to utilize the Model-View-Controller (MVC)
design pattern and truly separate presentation from content when using JavaServer
Pages. Govind Seshadri shows you out how easy it can be
JSP Architecture When Sun introduced Java ServerPages, some were quick to claim
that Servlets had been replaced as the preferred request handling mechanism in web-
enabled enterprise architectures. Although JSP is a key component of the Java 2
Platform Enterprise Edition (J2EE) specification, serving as the preferred request
handler and response mechanism, we must investigate further to understand its
relationship with Servlets
More on JSP Architecture This chapter will examine a variety of ways to architect a
system with JavaServer Pages, Servlets, and JavaBeans. We will see a series of
different architectures, each a development of the one before. The diagram below
shows this process in outline; the individual parts of the diagram will be explained in
turn later in the chapter.
JAVASERVER PAGESTM Powering the Web Experience with Dynamic Content
With JavaServer PagesTM (JSPTM) technology, Sun makes creating dynamic HTML and
XML Web pages even simpler. JSP technology is a major extension of Java Servlet
technology that makes building and maintaining dynamic pages much easier, and
supports the distributed development model common in larger enterprises. JSP
technology opens up dynamic pages to a wide range of page authors, while offering all
of the benefits of the Java platform.
JSP Professional, Chapter 12 JSP/Servlets Architecture Quiz This short quiz is
based on JSP Professional: Chapter 12, JSP Architecture. Test your knowledge on the
differences between servlets and JavaServer PagesTM (JSPTM), factor forward-factor
back, page-centric versus the dispatcher approach, and more. Then read the source
code and see how this quiz was developed.
JSP Architecture The JDC is pleased to present two chapters from Professional JSP:
Using JavaServer Pages, Servlets, EJB, JNDI, JDBC, XML, XSLT, and WML to create
dynamic and customizable web content, by multiple authors (see below), and
published in May 2000 by Wrox Press Ltd.
Case Study: J2EE, EJBs, and Tag Libraries The JDC is pleased to present two
chapters from Professional JSP: Using JavaServer Pages, Servlets, EJB, JNDI, JDBC,
XML, XSLT, and WML to create dynamic and customizable web content, by multiple
authors (see below), and published in May 2000 by Wrox Press Ltd

JSP STANDARD TAGS

Anatomy of a JSP page In this article we will study the anatomy of a JSP page and
how you can use each of these elements for your own use.
Forwarding and Including Response from other Servlets. In this article we will
learn how to pass control from one Servlet to another using
RequestDispatcher.forward() method and how to include response from another Servlet
within the caller Servlet using RequestDispatcher.include() method.
JSP Actions JSP actions use constructs in XML syntax to control the behavior of the
servlet engine. You can dynamically insert a file, reuse JavaBeans components, forward
the user to another page, or generate HTML for the Java plugin.
JAVASERVER PAGESTM SYNTAX REFERENCE
JSP Syntax Basics Moving beyond installation, we'll now go into the JSP syntax. For a
cheat sheet, you can download a syntax card. And if you're not familiar with Java
programming, you may want to visit Sun's tutorial; however, Web builders shouldn't
have to do too much Java development. Other than a few method calls, the Java code
in your JSP Web pages should be minimal.
JSP Technology Syntax When Sun introduced Java ServerPages, some were quick to
claim that Servlets had been replaced as the preferred request handling mechanism in
web-enabled enterprise architectures. Although JSP is a key component of the Java 2
Platform Enterprise Edition (J2EE) specification, serving as the preferred request
handler and response mechanism, we must investigate further to understand its
relationship with Servlets
JAVASERVER PAGESTM SYNTAX CARD The Syntax Card is available for download in
both PDF and Postscript formats.
Comments and Character Quoting Conventions There are a small number of
special constructs you can use in various cases to insert comments or characters that
would otherwise be treated specially.

JSP SCRIPLETS

Using Scripting Elements JSP, like ASP, is scripting language independent. Java is
the default, and part of the JSP specification says that any spec-compliant JSP
container must support Java scripting. Java is an excellent language to use.
Nevertheless, other useful scripting languages are available and may be more familiar
to the majority of JSP adopters. The most likely alternative to Java for the initial
adopters of JSP is JavaScript. JavaScript is very similar to Java in its core syntax, is
much simpler overall than Java, and is already known by thousands of Web
programmers.
Presenting Application Pages with JavaServer Pages This chapter describes how
to use JavaServer Pages (JSPs) as page templates in an iPlanet Application Server web
applications
Setting Up JSP Tags and Scriptlets for Campaigns Campaigns require a minimal
set of JSP tags and scriptlets to support their services. In some cases, you might have
already added the required JSP tags to implement other Campaign Manager for
WebLogic services.

JSP AND JAVABEANS

Process JSPs effectively with JavaBeans The JavaServer Pages Model II concept is
well known in the JSP community. The basic idea is that the presentation (HTML)
should be separated from the processing code. This article offers an effective, reusable
design for moving the dynamic content, processing, and validation from a JavaServer
Page to a corresponding JavaBean.
Building Your Own JSP Components This article is written for developers who want
to create their own Beans for use as JSP components, and for interested web designers
who want to understand how these components are implemented behind the scenes. It
is not necessary to understand the details of Beans development to work with JSP.
Site User Logon with XML, Java Beans and JSP By asking a user for a logon and
password, you can verify the user's access to the site and ensure they are shown only
the information they need. During this tutorial, we will use XML and Java Server Pages
to verify the user's logon - and then store the results in a session Java Bean for easy
access.
Putting JSP and JavaBeans Together The jsp useBean tag is JSP's gateway to using
a JavaBean, and its most important functions are to provide an identifier (so you may
reference the bean in your JSP page) and a scope (so you may control the bean's life
span).

JSP SESSIONS

What is Session Tracking? There are a number of problems that arise from the fact
that HTTP is a "stateless" protocol. In particular, when you are doing on-line shopping,
it is a real annoyance that the Web server can't easily remember previous transactions.
Session Tracking HTTP is a “stateless” protocol: each time a client retrieves a Web
page, it opens a separate connection to the Web server, and the server does not auto-
matically maintain contextual information about a client.
How can I enable session tracking for JSP pages if the browser has disabled
cookies? We know that session tracking uses cookies by default to associate a session
identifier with a unique user. If the browser does not support cookies, or if cookies are
disabled, you can still enable session tracking using URL rewriting.
How to do session tracking in JSP I want to do session tracking in my JSP
pages.Say once after the user logs in,on every page I can get his username for further
use.Thank you for your help!
Session tracking with Cocoon Maintaining state is a common problem for web
server frameworks because HTTP is a stateless protocol. There are many solutions
known to obtain stateful information. Client-side storage of state information like the
usage of cookies will not be discussed here, since this depends heavily on the client's
browser.
Session Tracking Session tracking is a mechanism that servlets use to maintain state
about a series of requests from the same user (that is, requests originating from the
same browser) across some period of time.
Session Tracking HTTP is a stateless protocol: it provides no way for a server to
recognize that a sequence of requests are all from the same client. Privacy advocates
may consider this a feature, but it causes problems because many web applications
aren't stateless. The shopping cart application is a classic example--a client can put
items in his virtual cart, accumulating them until he checks out several page requests
later. Other examples include sites that offer stock brokerage services or interactive
data mining.
WebSphere Application Server Best Practices using HTTP Sessions A session is
a series of requests to a servlet, originating from the same user at the same browser.
Sessions allow JSPs running on a JSP engine to keep trac of individual users, a concept
known as personalization.
Survey: Hole in JSP ignored by many (IDG.net) Java Application Servers based on
Sun's reference implementation of the Java Servlet Developers Kit (JSDK 2.0), without
enhancements to the session management code, may be vulnerable.
2 Ways To Implement Session Tracking This article explains how to implement
session tracking using two of the simplest & oldest methods available to programmers.
I feel that in order to understand the beauty of new technologies that exist today it is
often necessary to understand what used to be done before that technology came into
being.
State and session tracking with Java servlets Part 1: Using cookies When the
Hyper-Text Transfer Protocol (HTTP) was developed, its designers chose to create a
protocol which does not maintain a persistent connection. Each request made by a Web
browser, for an image, an HTML page, or other Web object, is made via a new
connection. It would have been handy if Web browsers established a single connection,
through which multiple requests could be made.
State and session tracking with Java servlets Part 2: Securing data In the
second part of this tutorial on state and session management, we'll further examine
how cookies can be used to maintain state information between servlet requests, as
well as some of the security implications of storing state data in cookies. We'll also
examine the topic of session management, and the advanced session-tracking features
that the Servlet API offers.
Deciding between session tracking approaches Suppose a servlet implementing
sessions is receiving requests from three different users. For each user request, the
servlet must be able to figure out the session to which the user request pertains. Each
user request belongs to just one of the three user sessions being tracked by the
servlet. Currently, the product offers three ways to address the problem.
Deciding between session tracking approaches Suppose a servlet implementing
sessions is receiving requests from three different users. For each user request, the
servlet must be able to figure out the session to which the user request pertains. Each
user request belongs to just one of the three user sessions being tracked by the
servlet. Currently, the product offers three ways to address the problem.

JSP AND COOKIES

What is Session Tracking? There are a number of problems that arise from the fact
that HTTP is a "stateless" protocol. In particular, when you are doing on-line shopping,
it is a real annoyance that the Web server can't easily remember previous transactions
The Session Tracking API Using sessions in servlets is quite straightforward, and
involves looking up the session object associated with the current request, creating a
new session object when necessary, looking up information associated with a session,
storing information in a session, and discarding completed or abandoned sessions.
Handling Cookies Cookies are small bits of textual information that a Web server
sends to a browser and that the browser returns unchanged when visiting the same
Web site or domain later.
Can cookies only be set in terms of seconds? What if I want to set one for a
year? There are no convenience methods for setting a cookie's lifespan in terms of
days, months or years. However, you can still have a cookie exist for these amounts of
time.
How can I enable session tracking for JSP pages if the browser has disabled
cookies? We know that session tracking uses cookies by default to associate a session
identifier with a unique user. If the browser does not support cookies, or if cookies are
disabled, you can still enable session tracking using URL rewriting.
Questions and Answers - Session state in the client tier A session is a sequence
of service requests by a single user using a single client to access a server. The
information maintained in the session across requests is called session state. Session
state may include both information visible to the user (shopping cart contents, for
example) and invisible application control information (such as user preferences).