- Using Hidden Controls
- The Cookie Class
- The HttpServletResponse Interface
- Creating a Cookie
- Reading a Cookie
- Setting and Reading a Cookie in the Same Page
- Using Sessions
- Creating a Session
- Setting Session Timeouts
- Using Applications
- Using Sessions, Applications, and JavaBeans
Today you learned how to track users with cookies and sessions in JSP. Everything started by using HTML hidden controls to store data in the Web page sent to the browser and then sent back to the server. Although storing data in hidden controls works, it's not very secure, and the data stored in those controls is visible if the user views the page's HTML source.
To support a session, you use the session object. As you've seen, you can get the session's ID, creation time, last accessed time, and more using session methods. Sessions let you establish a workable connection with the user's browser, letting you store data between page accesses.
You can also use application objects to store data; an application is broader than a session, because sessions deal with a single user, but an application includes all the users using JSP pages on your site.
Finally, you learned that you can store beans in sessions and applications if you set the scope attribute <jsp:useBean> to the appropriate values.