
1 Session Tracking
Problem: identification and storage of personal data (shopping cart).
Solution: a session with an ID.
Diagram labels: login, ID, REQ + ID, RES
ID: JKLMGHNB45kdse43k
ID: JEWTSDTRWE45rrtt
ID: ETWEFDR234ewdw

2 Session Tracking: Cookies

    // Server side: create a unique ID and hand it to the client as a cookie.
    String sessionID = makeUniqueString();
    Cookie sessionCookie = new Cookie("jsession", sessionID);
    sessionCookie.setPath("/");   // send the cookie for every path on this host
    response.addCookie(sessionCookie);

Server: generates a unique ID.
Client: manages the cookies.

3 Session Tracking: URL Rewriting

    http://host/path/index.html;jsession=1234

This method also works with browsers without cookies.
Server: generates a unique ID, sets the expiration time, and links the session information to the request.
Client: the URL carries the additional information.

4 Session Tracking: Hidden Form Fields
Disadvantage: every page has to be generated dynamically.
Server: generates a unique ID, sets the expiration time, and links the session information to the request.
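
The server-side steps that slides 2 to 4 have in common (generate a unique ID, set an expiration time, link the session information to each request), as an added example that is not part of the original slides. `SessionTable` and its methods are hypothetical names, `makeUniqueString()` is the slide's helper implemented here with `SecureRandom` as an assumption, and the timeout and attribute value are constructed.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/** Added example: minimal server-side session table (hypothetical class, JDK only). */
public class SessionTable {
    static final long MAX_INACTIVE_MILLIS = 30 * 60 * 1000L;   // constructed value
    static final class Entry {                 // one session and its last-use time
        final Map<String, Object> attributes = new ConcurrentHashMap<>();
        volatile long lastAccessMillis;
        Entry(long now) { lastAccessMillis = now; }
    }
    private final SecureRandom random = new SecureRandom();
    private final Map<String, Entry> sessions = new ConcurrentHashMap<>();
    /** The slide's makeUniqueString(), assumed here to be 128 bits from a CSPRNG. */
    String makeUniqueString() {
        byte[] raw = new byte[16];
        random.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    public String create(long now) {           // ID goes into cookie, URL or hidden field
        String id = makeUniqueString();
        sessions.put(id, new Entry(now));
        return id;
    }

    /** Links a request to its session; unknown or expired IDs yield null. */
    public Map<String, Object> lookup(String idFromRequest, long now) {
        Entry e = (idFromRequest == null) ? null : sessions.get(idFromRequest);
        if (e == null) return null;            // only IDs the server issued are accepted
        if (now - e.lastAccessMillis > MAX_INACTIVE_MILLIS) {
            sessions.remove(idFromRequest);    // expired: drop the server-side state
            return null;
        }
        e.lastAccessMillis = now;
        return e.attributes;
    }

    public static void main(String[] args) {
        SessionTable table = new SessionTable();
        String id = table.create(0L);
        table.lookup(id, 0L).put("shoppingCart", "constructed sample value");
        System.out.println("known ID:   " + table.lookup(id, 1_000L));
        System.out.println("unknown ID: " + table.lookup("1234", 1_000L));
        System.out.println("idle ID:    " + table.lookup(id, 1_000L + MAX_INACTIVE_MILLIS + 1));
    }
}
```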

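5 HttpSession object (diagram: web server with servlet container)
First request to http://..Session_Tomcat: no ID! The container creates a new ID (kgwx) and a session (name: value).
Following request to http://..Session_Tomcat: ID kgwx, with the ID taken from the cookie or the URL.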

6 Session Tracking: Methods of HttpSession

    public Object getValue(String name)                     [2.1]
    public Object getAttribute(String name)                 [2.2]
    public void putValue(String name, Object value);        [2.1]
    public void setAttribute(String name, Object value);    [2.2]
    public void removeValue(String name);                   [2.1]
    public void removeAttribute(String name);               [2.2]

7 Session Tracking: Methods of HttpSession

    public String[] getValueNames()          [2.1]
    public Enumeration getAttributeNames()   [2.2]
        All attributes of a session are returned.
    public String getId();
        Unique session ID.
    public boolean isNew();
        true if the browser has never seen the session.

8 Session Tracking: Methods of HttpSession

    public long getCreationTime()
        Time in milliseconds since January 1970.
    public int getMaxInactiveInterval();
    public void setMaxInactiveInterval(int seconds)
        Maximum inactive time that a session should survive.
        seconds < 0: the session should stay active forever.
    public void invalidate();
        The session is deleted together with all associated objects.

9 Session Tracking: Automatic URL Rewriting
The servlet switches to URL rewriting automatically if cookies are not allowed.
For local links:

    String originalURL = someRelativeorAbsoluteURL;
    String encodedURL = response.encodeURL(originalURL);
    out.println( …. );

10 Session

    package session;

    import java.io.*;
    import java.text.*;
    import java.util.*;
    import javax.servlet.*;
    import javax.servlet.http.*;

    public class Session_Tomcat extends HttpServlet {
        public void doGet(HttpServletRequest request, HttpServletResponse response)
                throws IOException, ServletException {
            response.setContentType("text/html");
            PrintWriter out = response.getWriter();
            out.println(" ");
            String title = "Praxis der Internet Programmierung";
            out.println(" " + title + " ");

11 Session

            HttpSession session = request.getSession();
            out.println("SessionId " + session.getId());
            out.println(" Erzeugungszeit: ");
            out.println(new Date(session.getCreationTime()) + " ");
            out.println("Letztmals benutzt: ");
            out.println(new Date(session.getLastAccessedTime()));

            // Store the submitted name/value pair in the session.
            String dataName = request.getParameter("dataname");
            String dataValue = request.getParameter("datavalue");
            if (dataName != null && dataValue != null) {
                session.setAttribute(dataName, dataValue);
            }

            // List everything stored in the session. Names and values come from
            // request parameters and are written to the page without HTML escaping.
            out.println(" Session Data ");
            Enumeration names = session.getAttributeNames();
            while (names.hasMoreElements()) {
                String name = (String) names.nextElement();
                String value = session.getAttribute(name).toString();
                out.println(name + " = " + value + " ");
            }

12 Session

            out.print(" <form action=\"");
            out.print(response.encodeURL("Session_Tomcat"));
            out.print("\" ");
            out.println("method=POST>");
            out.println("Name: ");
            out.println(" Wert:");
            out.println(" ");
            out.println(" GET based form: ");
            out.print("<form action=\"");
            out.print(response.encodeURL("Session_Tomcat"));
            out.print("\" ");

13 Session

            out.println("method=GET>");
            out.println("Name: ");
            out.println(" Wert:");
            out.println(" ");
            out.print(" <a href=\"");
            out.print(response.encodeURL("Session_Tomcat?dataname=foo&datavalue=bar"));
            out.println("\" >URL encoded ");
            out.println(" ");
        }

        // POST requests are handled exactly like GET requests.
        public void doPost(HttpServletRequest request, HttpServletResponse response)
                throws IOException, ServletException {
            doGet(request, response);
        }
    }

14 Lab exercise
Simple shopping cart:
1. Store last name, first name and password in the session
2. Add items
3. View the shopping cart
4. Remove items

15

16 Session Tracking: shopping cart system, catalog

    public abstract class CatalogPage extends HttpServlet {
        private Item[] items;
        private String[] itemIDs;
        private String title;

        /** cut some lines **/

        public void doGet(HttpServletRequest request, HttpServletResponse response)
                throws ServletException, IOException {
            response.setContentType("text/html");
            if (items == null) {
                response.sendError(response.SC_NOT_FOUND, "Missing Items.");
                return;
            }

17 Session Tracking: shopping cart system, catalog

    PrintWriter out = response.getWriter();
    out.println(ServletUtilities.headWithTitle(title) +
                " \n" +
                " " + title + " ");
    Item item;
    for (int i = 0; i < items.length; i++) {
        out.println(" ");
        item = items[i];
        if (item == null) {
            out.println(" " + "Unknown item ID " + itemIDs[i] + " ");
        } else {

18 Session Tracking: shopping cart system, catalog

    out.println();
    String formURL = "/servlet/onlinestore.OrderPage";
    formURL = response.encodeURL(formURL);
    out.println
        (" \n" +
         "<INPUT TYPE=\"HIDDEN\" NAME=\"itemID\" " +
         " VALUE=\"" + item.getItemID() + "\">\n" +
         " " + item.getShortDescription() +
         " ($" + item.getCost() + ") \n" +
         item.getLongDescription() + "\n" +
         " \n \n" +
         "<INPUT TYPE=\"SUBMIT\" " +
         "VALUE=\"Add to Shopping Cart\">\n" +
         " \n \n ");
    // ….

19 Session Tracking: shopping cart system, orders

    HttpSession session = request.getSession(true);
    ShoppingCart cart;
    synchronized(session) {
        cart = (ShoppingCart)session.getValue("shoppingCart");
        // New visitors get a fresh shopping cart.
        // Previous visitors keep using their existing cart.
        if (cart == null) {
            cart = new ShoppingCart();
            session.putValue("shoppingCart", cart);
        }

20 Session Tracking: shopping cart system, orders

    String itemID = request.getParameter("itemID");
    if (itemID != null) {
        String numItemsString = request.getParameter("numItems");
        if (numItemsString == null) {
            // If request specified an ID but no number, then customers
            // came here via an "Add Item to Cart" button on a catalog page.
            cart.addItem(itemID);
        } else {

21 Session Tracking: shopping cart system, orders

            // If request specified an ID and number, then
            // customers came here via an "Update Order" button
            // after changing the number of items in order.
            // Note that specifying a number of 0 results
            // in item being deleted from cart.
            int numItems;
            try {
                numItems = Integer.parseInt(numItemsString);
            } catch(NumberFormatException nfe) {
                numItems = 1;
            }
            cart.setNumOrdered(itemID, numItems);
        }

22 Session Tracking: shopping cart system, orders

    // Whether or not the customer changed the order, show order status.
    response.setContentType("text/html");
    PrintWriter out = response.getWriter();
    String title = "Status of Your Order";
    out.println(ServletUtilities.headWithTitle(title) +
                " \n" +
                " " + title + " ");
    synchronized(session) {
        Vector itemsOrdered = cart.getItemsOrdered();
        if (itemsOrdered.size() == 0) {
            out.println(" No items in your cart... ");

23 Session Tracking: shopping cart system, orders

    for (int i = 0; i < itemsOrdered.size(); i++) {
        order = (ItemOrder)itemsOrdered.elementAt(i);
        out.println
            (" \n" +
             " " + order.getItemID() + "\n" +
             " " + order.getShortDescription() + "\n" +
             " " + formatter.format(order.getUnitCost()) + "\n" +
             " " +
             " \n" +
             "<INPUT TYPE=\"HIDDEN\" NAME=\"itemID\"\n" +
             " VALUE=\"" + order.getItemID() + "\">\n" +
             "<INPUT TYPE=\"TEXT\" NAME=\"numItems\"\n" +
             " SIZE=3 VALUE=\"" + order.getNumItems() + "\">\n" +

24 Session Tracking: shopping cart system, orders

    } else {
        // If there is at least one item in cart, show table
        // of items ordered.
        out.println
            (" \n" +
             " \n" +
             " Item ID Description\n" +
             " Unit Cost Number Total Cost");
        ItemOrder order;
        NumberFormat formatter = NumberFormat.getCurrencyInstance();
        String formURL = "/servlet/onlinestore.OrderPage";
        formURL = response.encodeURL(formURL);

25 Session Tracking: shopping cart system, orders

             " \n" +
             "<INPUT TYPE=\"SUBMIT\"\n " +
             " VALUE=\"Update Order\">\n" +
             " \n" +
             " " +
             formatter.format(order.getTotalCost()));
    }
    String checkoutURL = response.encodeURL("/servlet/onlinestore.Checkout");

26 Session Tracking: shopping cart system, orders

            // "Proceed to Checkout" button below table
            out.println
                (" \n" +
                 " \n" +
                 "<INPUT TYPE=\"SUBMIT\"\n" +
                 " VALUE=\"Proceed to Checkout\">\n" +
                 " ");
        }
        out.println(" ");
    } /** synchronized **/
    }

