This content has been marked as final. Show 5 replies
968970 wrote:Why do you mean by "other pages"?
But i am confused what would happen when the request comes for other pages...
i mean subsequent request for any page after validating the user first time....
The server makes sure you have the same session object for the same client each time the filter fires. It does so by setting a cookie with the sessionID (by default anyway). As long as that cookie is submitted with the request, the server will be able to present you with the correct session object for each request.
Yes, server will be able to present me with the same session object associated with that client. But my concern is how exactly server does that? Where does server stores all these ids or state? And who generates the session id server or client?
968970 wrote:A good question! To research yourself. But while I'm at it...
But my concern is how exactly server does that?
Where does server stores all these ids or state?The ID is stored in a cookie (JSessionID, something to google) so the client can store it and send it back to the server. Alternatively URL rewriting can be configured if cookies are somehow a problem. The session store itself is in memory on the server of course.
And who generates the session id server or client?The server of course. The client can't know what the server is going to expect.
You seem to be vague on what happens on the server and what happens on the client - it would be wise to read a little bit more into client/server architectures and then especially in the context of a web environment.