In any web application, a user moves from one page to another. So, it is necessary to track the user's data and objects throughout the application. As we know that the session keeps the data particular to a user, so sessions are used to hold the user's data. For sessions JSP provide an implicit object "session", which can be use to save the data specific to the particular user into the session scope.

There are mainly 4 ways for session Tracking as follows:

1. Cookies:-
You can use HTTP cookies to store information about a session. The cookies are small text files stored in the client side. This is an excellent most widely used approach. However, even though servlets have a high-level and easy-to-use interface to cookies, there are still a number of relatively tedious details that need to be handled, while working with cookies.

2. URL Rewriting:
You can append some extra data on the end of each URL that identifies the session, and the server can associate that session identifier with data it has stored about that session. This is also an excellent solution, and even has the advantage that it works with browsers that don't support cookies or where the user has disabled cookies. However, it has most of the same problems as cookies, namely that the server-side program has a lot of straightforward but tedious processing to do.

3. Hidden form fields:
HTML forms have an entry that looks like the following: <INPUT TYPE="HIDDEN" NAME="session" VALUE="...">. This means that, when the form is submitted, the specified name and value are included in the GET or POST data. This can be used to store information about the session. However, it has the major disadvantage that it only works if every page is dynamically generated, since the whole point is that each session has a unique identifier.

4. Using session object in the JSP.

The implicit object represents the session. The information can be stored in the session for the current session by setAttribute() and then retrieve by getAttribute() method, whenever needed. The session objects stores at the server so it is advisable not to put heavy information in the session object.

To understand a session let us take a very simple example of getting the name from the user and saving it in the session, we will retrieve this name from session on next page and display on the page. For this, we will need 2 JSP pages.

Example:- 

Sessiontracking1.jsp

<% String action= request.getParameter("action");
if(action != null && action.equals("sub    mit")){
    String username=request.getParameter("    username");
    String password=request.getParameter("password");
    if(username != null && password != null && username.equals("visualbuilder") && pa    ssword.equals("test"))
    {    
        session.setAttribute("username",username);
        response.sendRedirect("sessiontracking2.jsp");
    }else{
        out.println("<h3>Wrong password!!!!</h3>");
    }
    }else{
%>

<html>
<form action="sessiontracking1.jsp" method="post">
<input type="hidden" name="action" value="submit">
    Enter the user name :- <input type="text" name="username" ><br>
    Enter the password :- <input type="password" name="password" ><br>
    <input type="submit" name="submit" value="submit">
</form>
</html>
<%}%>

Sessiontracking2.jsp

    <h3>Welcome <%= session.getAttribute("username")%> To the Site</h3>

Output:-

• Printer Friendly
• Email to a friend
• Add to my Favourites
• Download PDF version
• Report Bad Submissions
• Submit Feedback