Presentation is loading. Please wait.

Presentation is loading. Please wait.

Session Tracking Problem: Identifizierung und Speicherung persönlicher Daten Warenkorb Lösung: Session mit ID Anmeldung ID REQ + ID RES ID: JKLMGHNB45kdse43k.

Similar presentations


Presentation on theme: "Session Tracking Problem: Identifizierung und Speicherung persönlicher Daten Warenkorb Lösung: Session mit ID Anmeldung ID REQ + ID RES ID: JKLMGHNB45kdse43k."— Presentation transcript:

1 Session Tracking Problem: Identifizierung und Speicherung persönlicher Daten Warenkorb Lösung: Session mit ID Anmeldung ID REQ + ID RES ID: JKLMGHNB45kdse43k ID: JEWTSDTRWE45rrtt ID: ETWEFDR234ewdw

2 Cookies Session Tracking String sessionID = makeUniqueString(); Cokie sessionCookie = new Cokie(jsession, sessionID); sessionCookie.setPath(/ ); response.addCookie(sessionCookie); Server: Generierung einer eindeutigen ID Client: Verwaltet Cookies

3 URL-Rewriting Session Tracking Diese Methode funktioniert auch mit Browsern ohne Cookies. Server: Generierung einer eindeutigen ID Angabe der Verfallszeit (expiration time) Verknüpfung Session Information mit Request Client: URL enthält mit zusätzliche Information.

4 Hidden Form Fields Session Tracking Nachteil: Jede Seite muss dynamisch generiert werden. Server: Generierung einer eindeutigen ID Angabe der Verfallszeit (expiration time) Verknüpfung Session Information mit Request

5 HTTPSession Objekt Servlet Container Webserver Id keine ! neue Id kgwx Session name:wert Id kgwx Id aus Cookie oder URL

6 Methoden von HttpSession Session Tracking public Object getValue(String name) [2.1] public Object getAttribute(String name) [2.2] public void putValue(String name,Object value); [2.1] public void setAttribute(String name,Object value); [2.2] public void removeValue(String name); [2.1] public void removeAttribute(String name); [2.2]

7 Methoden von HttpSession Session Tracking public String[] getValueNames() [2.1] public Enumeration getAttributeNames() [2.2] Alle Attribute einer Session werden zurückgegeben. public String getId(); Eindeutige Session Id public boolean isNew(); true, falls der Browser die Session noch nie gesehen hat.

8 Methoden von HttpSession Session Tracking public long getCreationTime() Zeit in Millisekunden von Januar 1970 public int getMaxInactiveInterval(); public void setMaxInactiveInterval(int seconds) Maximale inaktive Zeit, die eine Session überleben soll. seconds < 0 ; die Session soll immer aktiv bleiben public void invalidate(); Session wird mit allen assoziierten Objekten gelöscht.

9 Automatische URL-rewriting Session Tracking Das Servlet stellt automatisch auf URL-rewriting um, falls Cookies nicht erlaubt sind. Für lokale Links: String originalURL = someRelativeorAbsoluteURL; String encodedURL = response.encodeURL(originalURL); out.println( …. );

10 package session; import java.io.*; import java.text.*; import java.util.*; import javax.servlet.*; import javax.servlet.http.*; public class Session_Tomcat extends HttpServlet { public void doGet(HttpServletRequest request,HttpServletResponse response)throws IOException, ServletException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println(" "); String title = "Praxis der Internet Programmierung"; out.println(" " + title + " "); Session

11 HttpSession session = request.getSession(); out.println("SessionId " + session.getId()); out.println(" Erzeugungszeit: "); out.println(new Date(session.getCreationTime()) + " "); out.println("Letztmals benutzt: "); out.println(new Date(session.getLastAccessedTime())); String dataName = request.getParameter("dataname"); String dataValue = request.getParameter("datavalue"); if (dataName != null && dataValue != null) { session.setAttribute(dataName, dataValue); } out.println(" Session Data "); Enumeration names = session.getAttributeNames(); while (names.hasMoreElements()) { String name = (String) names.nextElement(); String value = session.getAttribute(name).toString(); out.println(name + " = " + value + " "); }

12 Session out.print("

"); out.println("Name: "); out.println(" Wert:"); out.println(" "); out.println(" GET based form: "); out.print("

13 Session out.println("method=GET>"); out.println("Name: "); out.println(" Wert:"); out.println(" "); out.print(" URL encoded "); out.println(" "); } public void doPost(HttpServletRequest request,HttpServletResponse response)throws IOException, ServletException { doGet(request, response); }

14 Praktikum Einfacher Warenkorb: 1.Name, Vorname, Passwort in Session speichern 2.Gegenstände hinzufügen 3.Warenkorb anschauen 4.Gegenstände entfernen

15

16 public abstract class CatalogPage extends HttpServlet { private Item[] items; private String[] itemIDs; private String title; /** cut some lines **/ public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); if (items == null) { response.sendError(response.SC_NOT_FOUND, "Missing Items."); return; } Session Tracking Warenkorbsystem: Katalog

17 PrintWriter out = response.getWriter(); out.println(ServletUtilities.headWithTitle(title) + " \n" + " " + title + " "); Item item; for(int i=0; i

18 out.println(); String formURL ="/servlet/onlinestore.OrderPage"; formURL = response.encodeURL(formURL); out.println (" \n" + "\n" + " " + item.getShortDescription() + " ($" + item.getCost() + ") \n" + item.getLongDescription() + "\n" + " \n \n" + "\n" + " \n \n "); …. Warenkorbsystem: Katalog Session Tracking

19 HttpSession session = request.getSession(true); ShoppingCart cart; synchronized(session) { cart = (ShoppingCart)session.getValue("shoppingCart"); // New visitors get a fresh shopping cart. // Previous visitors keep using their existing cart. if (cart == null) { cart = new ShoppingCart(); session.putValue("shoppingCart", cart); } Warenkorbsystem: Bestellungen Session Tracking

20 String itemID = request.getParameter("itemID"); if (itemID != null) { String numItemsString = request.getParameter("numItems"); if (numItemsString == null) { // If request specified an ID but no number, then customers //came here via an "Add Item to Cart" button on a catalog page. cart.addItem(itemID); } else { Warenkorbsystem: Bestellungen Session Tracking

21 // If request specified an ID and number, then // customers came here via an "Update Order" button // after changing the number of items in order. // Note that specifying a number of 0 results // in item being deleted from cart. int numItems; try { numItems = Integer.parseInt(numItemsString); } catch(NumberFormatException nfe) { numItems = 1; } cart.setNumOrdered(itemID, numItems); } Warenkorbsystem: Bestellungen Session Tracking

22 // Whether or not the customer changed the order, show order status. response.setContentType("text/html"); PrintWriter out = response.getWriter(); String title = "Status of Your Order"; out.println(ServletUtilities.headWithTitle(title) + " \n" + " " + title + " "); synchronized(session) { Vector itemsOrdered = cart.getItemsOrdered(); if (itemsOrdered.size() == 0) { out.println(" No items in your cart... "); Warenkorbsystem: Bestellungen Session Tracking

23 for(int i=0; i\n" + "\n" + Warenkorbsystem: Bestellungen Session Tracking

24 } else { // If there is at least one item in cart, show table // of items ordered. out.println (" \n" + " \n" + " Item ID Description\n" + " Unit Cost Number Total Cost"); ItemOrder order; NumberFormat formatter = NumberFormat.getCurrencyInstance(); String formURL = "/servlet/onlinestore.OrderPage"; formURL = response.encodeURL(formURL); Warenkorbsystem: Bestellungen Session Tracking

25 " \n" + "\n" + " \n" + " " + formatter.format(order.getTotalCost())); } String checkoutURL = response.encodeURL("/servlet/onlinestore.Checkout"); Warenkorbsystem: Bestellungen Session Tracking

26 // "Proceed to Checkout" button below table out.println (" \n" + " \n" + "\n" + " "); } out.println(" "); } /** synchronized ** } Warenkorbsystem: Bestellungen Session Tracking


Download ppt "Session Tracking Problem: Identifizierung und Speicherung persönlicher Daten Warenkorb Lösung: Session mit ID Anmeldung ID REQ + ID RES ID: JKLMGHNB45kdse43k."

Similar presentations


Ads by Google