Session simply means a particular interval of time.
Session Tracking is a way to maintain state (data) of an user. It is also known as session management in servlet.

  • HTTP is stateless that means each request is considered as the new request. It is shown in the figure given below:

  • There are four techniques used in Session tracking:

    • Cookies
    • Hidden Form Field
    • URL Rewriting
    • HttpSession

A cookie is a small piece of information that is persisted between the multiple client requests.
A cookie has a name, a single value, and optional attributes such as a comment, path and domain qualifiers, a maximum age, and a version number.

  • Non-persistent cookie

    It is valid for single session only. It is removed each time when user closes the browser.

  • Persistent cookie

    It is valid for multiple session . It is not removed each time when user closes the browser. It is removed only if user logout or signout.

  • Advantage

    • Simplest technique of maintaining the state.
    • Cookies are maintained at client side.
  • Disadvantage

    • It will not work if cookie is disabled from the browser.
    • Only textual information can be set in Cookie object.

HttpSession Interface

  • An object of HttpSession can be used to perform two tasks:
    • bind objects
    • view and manipulate information about a session, such as the session identifier, creation time, and last accessed time.

Web Application


  • HTML:HyperText Markup Language.
  • HTTP:HyperText Transfer Protocol
    • HTTP is the communication protocol between server and client. HTTP runs on top of TCP/IP communication protocol.
    • Port numbers 0 to 1023 are reserved ports for well known services, for example 80 for HTTP, 443 for HTTPS, 21 for FTP etc.
  • Java Servlet and JSPs are server side technologies to extend the capability of web servers by providing support for dynamic response and data persistence.

Web Container

  • When web container gets the request and if it’s for servlet then container creates two Objects HTTPServletRequest and HTTPServletResponse. Then it finds the correct servlet based on the URL and creates a thread for the request. Then it invokes the servlet service() method and based on the HTTP method service() method invokes doGet() or doPost() methods. Servlet methods generate the dynamic page and write it to response. Once servlet thread is complete, container converts the response to HTTP response and send it back to client.
  • Some of the important work done by web container are:
    • Communication Support – Container provides easy way of communication between web server and the servlets and JSPs. Because of container, we don’t need to build a server socket to listen for any request from web server, parse the request and generate response. All these important and complex tasks are done by container and all we need to focus is on our business logic for our applications.
      • Lifecycle and Resource Management – Container takes care of managing the life cycle of servlet. Container takes care of loading the servlets into memory, initializing servlets, invoking servlet methods and destroying them. Container also provides utility like JNDI for resource pooling and management.
      • Multithreading Support – Container creates new thread for every request to the servlet and when it’s processed the thread dies. So servlets are not initialized for each request and saves time and memory.
      • JSP Support – JSPs doesn’t look like normal java classes and web container provides support for JSP. Every JSP in the application is compiled by container and converted to Servlet and then container manages them like other servlets.
      • Miscellaneous Task – Web container manages the resource pool, does memory optimizations, run garbage collector, provides security configurations, support for multiple applications, hot deployment and several other tasks behind the scene that makes our life easier.
  • Java Web Applications are packaged as Web Archive (WAR) and it has a defined structure.


  • Servlet API Hierarchy

Session Management

What is a Session?

  • HTTP protocol and Web Servers are stateless, what it means is that for web server every request is a new request to process and they can’t identify if it’s coming from client that has been sending request previously.
  • Session is a conversional state between client and server and it can consists of multiple request and response between client and server. Since HTTP and Web Server both are stateless, the only way to maintain a session is when some unique information about the session (session id) is passed between server and client in every request and response.
  • When we use HttpServletRequest getSession() method and it creates a new request, it creates the new HttpSession object and also add a Cookie to the response object with name JSESSIONID and value as session id. This cookie is used to identify the HttpSession object in further requests from client. If the cookies are disabled at client side and we are using URL rewriting then this method uses the jsessionid value from the request URL to find the corresponding session. JSESSIONID cookie is used for session tracking, so we should not use it for our application purposes to avoid any session related issues.
  • When a JSP resource is used, container automatically creates a session for it, so we can’t check if session is null to make sure if user has come through login page, so we are using session attribute to validate request.
  • As we saw in last section that we can manage a session with HttpSession but if we disable the cookies in browser, it won’t work because server will not receive the JSESSIONID cookie from client.
  • a cookie is a small piece of data stored on the client-side which servers use when communicating with clients.They’re used to identify a client when sending a subsequent request. They can also be used for passing some data from one servlet to another.

java config

  • Use java -XshowSettings:properties to show the java.library.path (and others) value.

native lib config

  • /lib contain “essential” libraries that may be needed even in single-user (admin-only) mode and without /usr mounted
  • /usr/lib are the libraries for the normal user-programs, that mostly can be found under /usr.
  • /usr/local/lib are the libraries for locally installed programs and packages ie. things you’ve compiled and installed from source-packages yourself.


  • /etc/environment是设置整个系统的环境,而/etc/profile是设置所有用户的环境

vmware centos ip config

  1. vi /etc/sysconfig/network-scripts/ifcfg-ens33,设置ONBOOT=yes
  2. service network restart
  3. ip a查看ip


  1. 进入目录 /root/.ssh

  2. 执行命令:ssh-keygen -t rsa,会生成文件id_rsa和id_rsa.pub

  3. 将公钥写入文件 authorized_keys,cat id_rsa.pub >> authorized_keys

  4. 在其它机器重复上述操作

  5. 将其它机器的公钥拷贝到第一台机器的authorized_keys文件中

    ssh-copy-id -i id_rsa.pub 用户@ip

    注意,一定不要使用复制拷贝的方式把公钥复制到authorized_keys文件中,因为复制的时候会有特殊字符的加入,可以在vim中使用:set list进行验证

  6. 将第一台机器的authorized_keys复制到其它机器上

    scp authorized_keys 用户@ip:/路径/.ssh/


  • authorized_keys的权限是600,即读和写(如果默认不是的话,需要修改)


  1. 使用 Ctrl+Alt+F1或F2或到F6,进入tty终端(输入用户名和密码)

  2. 执行命令注销桌面重新登录

    sudo pkill Xorg

    sudo restart lightdm

Create a new post

$ hexo new "My New Post"

More info: Writing

Run server

$ hexo server

More info: Server

Generate static files

$ hexo generate

More info: Generating

Deploy to remote sites

$ hexo deploy


$ hexo clean

More info: Deployment