20/02/25
----------
Q)Java web application in which data is shared in session scope.
       sessionscopeapplication
            user.html
            WEB-INF
	       web.xml
	       lib
	       src
	          SourceServlet.java
		  TargetServlet.java
               classes
	          SourceServlet.class
		  TargetServlet.class
http://localhost:8081/sessionscopeapplication/user.html             
user.html
-----------
<HTML>
  <BODY   BGCOLOR="yellow">
    <CENTER>
          <H1>user name entry screen</H1>
		  <FORM  ACTION="./source">
				USER NAME  <INPUT  TYPE="text"  NAME="username"> <BR><BR>
				<INPUT TYPE="submit"  VALUE="send">
		  </FORM>
	</CENTER>
  </BODY>
</HTML>
--------------------------------
web.xml
----------
<web-app>
   <servlet>
       <servlet-name>four</servlet-name>
       <servlet-class>SourceServlet</servlet-class>
   </servlet>
   <servlet>
       <servlet-name>five</servlet-name>
       <servlet-class>TargetServlet</servlet-class>
   </servlet>
   <servlet-mapping>
       <servlet-name>four</servlet-name>
       <url-pattern>/source</url-pattern>
   </servlet-mapping>
   <servlet-mapping>
       <servlet-name>five</servlet-name>
       <url-pattern>/target</url-pattern>
   </servlet-mapping>
</web-app>
----------------------------------------------
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
public class  SourceServlet extends HttpServlet{
	public void doGet(HttpServletRequest request,HttpServletResponse response)throws IOException{
		String user=request.getParameter("username");
	        HttpSession session=request.getSession();
	        session.setAttribute("usr",user);//sharing data in session scope
		System.out.println(session.getId());
                System.out.println("Is this a new session:"+session.isNew());
                System.out.println("Default session time out period in seconds:"+session.getMaxInactiveInterval());
                session.setMaxInactiveInterval(180);
		response.setContentType("text/html");
		PrintWriter out=response.getWriter();
		out.println("<HTML>");
                out.println("<BODY BGCOLOR=cyan>");
		out.println("<A HREF=./target>CLICK HERE TO GET USER NAME</A>");
                out.println("</BODY>");
		out.println("</HTML>");
	        out.close();
	}
}
-------------------------------------------------------
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
public class  TargetServlet extends HttpServlet{
	public void doGet(HttpServletRequest request,HttpServletResponse response)throws IOException{
		HttpSession  session=request.getSession();
        	System.out.println(session.getId());
                System.out.println("Is this a new session:"+session.isNew());
		response.setContentType("text/html");
		PrintWriter out=response.getWriter();
		out.println("<HTML>");
                out.println("<BODY BGCOLOR=yellow>");
		if(request.isRequestedSessionIdValid())		
		   out.println("USER NAME IS:"+session.getAttribute("usr"));
		else
		    out.println("<H1>You are timed out</H1>");
                out.println("</BODY>");
		out.println("</HTML>");
	        out.close();
    }
}
********************************************************

Q)How to end the user/client session  in a Java web application?
=>Ending the session  in server's view point     is nothing but destroying the session object     that the container maintains.
=>session is ended in two ways.
           1.)when user explicitly logs out.
	   2.)when session is timedout(session expiry)

    =>If  a user is inactive with the website    for more than a specified period of time
    after session is allotted(created),container    forcibly logs the user out by destroying the session   implicilty. This is known as session expiry OR session time out.

    =>Every server has default time period for  session timeout. It is 30 minutes  in case   of Tomcat.

    =>We can change it  in two ways.

        a) by calling   setMaxInactiveInterval(int seconds) on session object.
        b.)By specifying in web.xml  the session timeout period in minutes.
	    For eg. session time out period configured   here is 3 minutes.
	       <session-config>
	           <session-timeout>3</session-timeout>
               </session-config>
   =>By calling invalidate() method, session is  destroyed when user explicitly logs out.

Note:- we can verify  if the request comes after  the session is timed out  using
   isRequestedSessionIdValid()  method of   HttpServletRequest  object.



Q)Develop a Java web application to implement a shopping cart.
shoppingcartapplication
      shoppage.html
      WEB-INF
         web.xml
	 src
	   ShopServlet.java
         classes
	   ShopServlet.class
http://localhost:8081/shoppingcartapplication/shoppage.html

shoppage.html
-----------------
<HTML>
	<BODY BGCOLOR="wheat">
    <CENTER>
		<H2>WELCOME TO SHOPPING MALL</H2>
	<FORM ACTION="./shopsession" method="post">
		SELECT PRODUCT CODE
		<SELECT name="pCode">
				<option value=101>101
				<option value=102>102
				<option value=103>103
				<option value=104>104
				<option value=105>105
		</SELECT>
<BR><BR>
PRODUCT QNTY<INPUT TYPE="text"NAME="q">
<br><br>
<INPUT TYPE="submit" NAME="s" VALUE="ADD ITEM" >
<INPUT TYPE="submit" NAME="s" VALUE="REMOVE ITEM" >
<INPUT TYPE="submit" NAME="s" VALUE="SHOW  ITEMS" >
<INPUT TYPE="submit" NAME="s" VALUE="LOGOUT" >
</CENTER></FORM>
</BODY></HTML>
--------------------------------------
web.xml
----------
<web-app>
    <servlet>
        <servlet-name>Shopping</servlet-name>
        <servlet-class>ShopServlet</servlet-class>
	</servlet>
	<servlet-mapping>
        <servlet-name>Shopping</servlet-name>
        <url-pattern>/shopsession</url-pattern>
    </servlet-mapping>
</web-app>
--------------------------------------
//ShopServlet.java
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
public class  ShopServlet extends HttpServlet
{	
	public void doPost(HttpServletRequest request,HttpServletResponse response)throws	ServletException,IOException
	{
		String  code=null;
		String  qty=null;
		response.setContentType("text/html");
		PrintWriter pw=response.getWriter();
		pw.println("<HTML>");
		pw.println("<BODY BGCOLOR=cyan>");
		HttpSession session=request.getSession();
		String sb=request.getParameter("s");
		if(sb.equals("ADD ITEM"))
		{
			code=request.getParameter("pCode");	
			qty=request.getParameter("q");	
			session.setAttribute(code,qty);
			response.sendRedirect("shoppage.html");
		}
		else if(sb.equals("REMOVE ITEM"))
		{	
			code=request.getParameter("pCode");		
			session.removeAttribute(code);
			response.sendRedirect("shoppage.html");
		}
		else if(sb.equals("SHOW  ITEMS"))
		{		
			Enumeration e=session.getAttributeNames();
				if(e.hasMoreElements())
				{		
					pw.println("<H2><FONT COLOR=BLUE>YOUR SHOPPING CART ITEMS</FONT></H2>");
					while(e.hasMoreElements())
						{		
						    String c=(String)e.nextElement();
					pw.println("<H2>PRODUCT CODE:"+c);
					pw.println(" QUANTITY IS:"+session.getAttribute(c)+"</H2>");
						}//while
				}//end of if
				else
				{
					pw.println("<H2><FONT COLOR=red >NO  ITEMS PLEASE</FONT></H2>");
				}
				pw.println("<A HREF=shoppage.html> WANT TO SHOP MORE!</A>");
				
		}//outer if
		else
		{		
			   session.invalidate();
			   pw.println("<A HREF=shoppage.html> THANK YOU! VISIT AGAIN TO SHOP AGAIN</A>");
		}
		pw.println("</BODY>");
		pw.println("</HTML>");
		pw.close();
	}//doPost
}//class

Q)What is a cookie?
=>A cookie is a name,value pair of textual information exchanged between web server
  and web client through  HTTP headers.
       
=>A dynamic web resource should create    the cookie and write to  the response object
       so that web server sends it to the browser     along with  HTTP response headers.

=>Browser is capable of retrieving the cookie   coming from the response headers  and can resend  the same to the web server through  HTTP  request headers.

=>NetScape  Incorporation  invented cookie   mechanism  and almost all the Web technologies
       provide API  for implementing cookie   mechanism.
       =>Cookies are of two types.
                   1.)session cookies
		   2.)persistent cookies
       =>In case of persistent cookie, browser  stores it  in the file system of that
       client machine.
       =>In case of session cookie, browser doesn't   store the cookie in the user machine's file
       system. As soon as the browsing session   ends i.e. browser is closed, session cookie
       dies.
       =>In case  of  session tracking,  session  id  is exchanged between web server  and
       browser  using cookie mechanism only.
       =>Name of the cookie that carries the     session id  is  "jsessionid".  Value  of
       the cookie  is   Container generated  session id.   This is a session cookie.Not a persistent cookie.

       =>Cookies are used  in the following
       areas  in a website.

         1.)to identify the user/client  uniquely in a series  of client-server interactions

	 2.)user provided information to the website  to be  reused in future by
	 storing that information into user machine only without the knowledge of the user.

Q)How to implement persistent cookie mechanism.
Step 1:-  create  the cookie by instantiating
                javax.servlet.http.Cookie  class.
   
                Cookie  c=new Cookie("name","value");

  Step 2:- Make the cookie persistent.
                    
		 c.setMaxAge(365*24*3600);//in seconds

  
  Step 3:- send the cookie to the client.

              response.addCookie(c);


 Step 4:- capture the incoming cookie from the
   browser.

          Cookie  c[]=request.getCookies();

  Note:-Cookie  class has  getName()& getValue()
  method  to retrieve cookie name  and value
  respectively.