Advance java session 7
Download as PPTX, PDF0 likes81 views
- Cookies allow servers to identify repeat visitors and customize websites by storing small amounts of data on a user's device. They help enable e-commerce sessions and avoid requiring usernames and passwords. However, they also raise privacy concerns if sensitive personal information is stored in cookies or they are shared across sites. - Cookies are created and sent by servers using the addCookie method and stored by browsers. On subsequent requests, browsers return cookies to servers which can then be retrieved using the getCookies method. Cookies have attributes like names, values, expiration times and paths.
![Reading Cookies
public static String getCookieValue(Cookie[] cookies, String cookieName,
String defaultValue)
{
for(int i=0; i<cookies.length; i++)
{
Cookie cookie = cookies[i];
if (cookieName.equals(cookie.getName()))
return(cookie.getValue());
}
return(defaultValue);
}](https://image.slidesharecdn.com/advancejavasession7-170821083014/85/Advance-java-session-7-9-320.jpg)
Advance java session 7
- 1. Cookies
- 2. Agenda • Stateless nature of HTTP Protocol • Explain the need for Session • Understanding the benefits and drawback of cookies • Sending Outgoing cookies • Receiving Incoming cookies • Tracking repeat visitors • Specifying cookie attributes
- 3. HTTP Protocol • Stateless Protocol - Communication protocol is stateless - Communication consist of independent pairs of request and response - IP and HTTP are stateless protocols • Advantages of stateless protocol - No need to dynamically allocate storage for conversation - No clean up activity if request dies mid way
- 4. HTTP Protocol • Cookie is a small text file which get stored on the client side • Cookie contains name and value pair • Cookie is stored only for a particular duration after which they are expired • Client returns the same name and value when it connects to the - Same site - Same domains - Depends upon cookie setting
- 5. HTTP Protocol • Typical Uses of Cookies - Identifying a user during an e-commerce session - Servlets have a higher-level API for this task - Avoiding username and password - Customizing a site - Focusing advertising
- 6. Problems with Cookies • The problem is privacy, not security. - Servers can remember your previous actions - If you give out personal information, servers can link that information to your previous actions - Servers can share cookie information through use of a cooperating third party like doubleclick.net - Poorly designed sites store sensitive information like credit card numbers directly in cookie - JavaScript bugs let hostile sites steal cookies (old browsers)
- 7. Problems with Cookies • The problem is privacy, not security. - Moral for servlet authors • If cookies are not critical to your task, avoid servlets that totally fail when cookies are disabled • Don't put sensitive info in cookies
- 8. Sending a simple Cookie import java.io.IOException; import java.io.PrintWriter; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ServletDemo extends HttpServlet{ public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException{ response.setContentType("text/html"); PrintWriter pw = response.getWriter(); Cookie cookie = new Cookie(“name",”talentedge”); cookie.setMaxAge(60*60); //1 hour response.addCookie(cookie); pw.println("Cookies created"); } }
- 9. Reading Cookies public static String getCookieValue(Cookie[] cookies, String cookieName, String defaultValue) { for(int i=0; i<cookies.length; i++) { Cookie cookie = cookies[i]; if (cookieName.equals(cookie.getName())) return(cookie.getValue()); } return(defaultValue); }
- 10. Cookie Method
- 11. Cookie Method
- 12. Summary • Creates a cookie, a small amount of information sent by a servlet to a Web browser, saved by the browser, and later sent back to the server. A cookie's value can uniquely identify a client, so cookies are commonly used for session management. • A cookie has a name, a single value, and optional attributes such as a comment, path and domain qualifiers, a maximum age, and a version number. Some Web browsers have bugs in how they handle the optional attributes, so use them sparingly to improve the interoperability of your servlets.
- 13. Summary • The servlet sends cookies to the browser by using the HttpServletResponse.addCookie(javax.servlet.http.Cookie) method, which adds fields to HTTP response headers to send cookies to the browser, one at a time. The browser is expected to support 20 cookies for each Web server, 300 cookies total, and may limit cookie size to 4 KB each. • The browser returns cookies to the servlet by adding fields to HTTP request headers. Cookies can be retrieved from a request by using the HttpServletRequest.getCookies() method. Several cookies might have the same name but different path attributes.