How exactly the Sessions and Cookies work? || Session Management || Spring MVC || @SessionAttributes

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] um [Music] hello and welcome back so right now before we implement session on our web application let's first understand what is the session okay and before before understanding session i want to introduce cookies to you because if you do not understand cookies you cannot understand session or if you understand also session without understanding cookies then it will be challenging to face you know some scenarios so let me start it from the scratch i know that you guys already understood cookies session and all these things in your web development course or in in your jsp or servlet course but right now let me recap everything and let me you know revise everything because before we start implementing these things inside our project i need to make sure that we all are on the same page so let me start from the cookies so hopefully i'm sharing my screen right now yeah i have shared my screen so right now you can see a slide on your screen okay so let's say i have a client machine here and i have a server right here let's imagine that you know this is my machine and this is the amazon machine let's say i want to shop something from a margin or something so i need to connect to amazon right so right now imagine that i am going to establish a connection with the amazon server so i'm sending a request let's say i'm i want to purchase some camera or something so i'll say a margin dot in slash camera so a request will go to you know a margin server now once amazon server accept this request it is going to handle it it is going to do some processing it is going to generate a jsp page or something a web page or a html page then it is going to send back that particular page as a response to my computer and then i can see that page on my screen and once i see this camera page the the connection between my computer and the amazon server will be drop why because the connection that i'm establishing with the server that is over a http you know the protocol that i'm following here to connect to the server uh you know i am using the http and http is a stateless protocol hopefully you have heard this sentence you know thousands and thousands time during your career but well http is a stateless protocol so once um you know we connect to the server server server gives us a response back uh the request and response both these objects will be destroyed all right so the next time if i connect to the server that will be a new request you know the server will be receiving and the server at the time will not know me that who i am so okay so imagine just like this right now there is some cameras in front of me so i have picked one camera and i have added it to the cat okay and then i closed the amazon site and then i went to facebook so i went to facebook i scrolled memes for around two or three hours then again i came back to you know came back to amazon site right right now i want to see what i have added to my cart and i want to again start my browsing after the two hours of interval so now imagine that again this is a new screen let's imagine uh this is my computer again my client and this is the margin server right now let's say again i'm trying to hit a margin dot in slash cut i want to see whatever the items i've already added to the cart so right now again a request will go to the server now this server right now identifies me that is me that is me connecting to the amazon server right now is does some processing and is is just created a page dynamically which was built for me okay and right now it has gap me that particular page back and i can see a camera on my cart so the question is here if http is a stateless protocol and if every time this request and response object get destroyed once the request has been served and i got a response back then how does this particular server this particular emergent server recognized me okay uh this is me this is an another guy sitting with another laptop connecting to the amazon server how amazing is keeping keeping track of of this you know of these particular things this this this is a village this is another guy this that is another guy how does these things happen and there when i want to introduce to you something called a cookie okay so cookies uh are something that i mean it was i think invented back then 1995 or something i read in my engineering books you know eight nine or ten years back so cookies are first invented in 1995 by a company called nescafe probably and that company nescafe was trying to build some kind of a website which can keep track of user preferences and that's why they built cookies they have been painted cookies so as i said you cookies are helpful to track user preferences then right now the straightaway question will be as the http is a stateless protocol then how does the cookie is going to help us uh to track the user preferences because one one time we give a response back to the client then as a server we do not know that who is the user who is actually trying to connect us and how this cookie is going to simplify all this thing and to make you understand this again i'm going to take the same example and i have developed this particular slide specifically to make you understand how does the cookie works so now imagine you are connecting a margin dot in slash r2 card you are hitting this url then obviously the request will go to the emerging server right now this amazon server will do what it will do it will do some processing and it will generate a html page or a jsp page whatever the front-end technology that you are using and also whatever the item you are trying to add it to the cart right so it will do what it will create a cookie for that okay and this cookie is just a text file okay and in this text file this particular server this particular amazon server is going to write all the information about the thing that i was trying to add to cut for example let's say i was trying to add a camera to the cart so a margin server will generate the card page okay for for the camera and also it is going to create a cookie and it will write there that this user of elast or this user101 is trying to purchase a camera okay so the item you want to purchase is a camera he's going to write this information to this text file or what we call cookies okay and this is going to do what as a response whenever we're going to send the response from server to client it is going to give the response and it is going to send both the html page and the cookies to the client's computer right now we are going to see that html page on our screen and also we have a cookie here so where does the cookie stores the cookie gets stores inside the client's computer so this is my computer right and here right now the cookies get stored okay and in this cookie the the server has its information that okay this is the user wants this particular item and he has added this thing to the cart and right now right now what happens once i see this html page on my screen the request and response object gets destroyed right let's say right now i closed my browser and i you know went to facebook again i i did chatting for 10 20 minutes and i came back again and right now again i want to hit another request here let's say a margin dot in and slash cut right now this cookie also go to the server with my request so whenever i'm going to send this request to the server the cookie which i got inside my computer that will go to the server okay and inside the server right now the server right now has something okay the server is going to check this user is accessing my my site for the first time or he visited my website millions of time this is how the server is going to decide by reading the cookies it is going to say okay does this person does have a cookie with him yes he has a cookie then it will read the cookie okay accordingly it will it will generate the html page okay this particular person already had a camera on his cart so right now the way he generates this html page by reading the information from the cookies because here it was previously written those information right and right now it will create a new cookie let's say i want to add another thing to my cart right right now it will create a cookie with two items inside the cart right and it is again going to send this particular html page and the new cookie to the client's machine and this particular cookie is going to be stored inside the machine and the user is going to see the html page so the reason why i want to show you this particular slide i just want to you know visualize all these things just to give you impression that the cookie is actually going back and forth between the client machine and the server machine over the http so that the server can keep track of the user that who is he and what his preferences are so that we can personalize a particular page for a particular user so this is how the cookies work and this is so beautiful with theory but cookies are very complicated to use and i recommend not to use that no i shouldn't say that this is going to be a controversial statement people with lot of experiences um going to you know scroll me on the comment section so i do not want to make that statement but a lot of sites if you if you go to a particular site called gt matrix right so if you if you create a particular site uh how what is the speed of that particular site if you want to decide you can visit a particular site called gtmetrix.com that gt matrix is a very popular you know website lot of people use that and if you put your url inside the gt matrix it is going to advise you to you know use a cookie free website but that is not always true you know our website should use cookie because cookies are very helpful and i'll i'll also tell you when you need to avoid that and what is the you know uh replacement that we have for cookies or what is the alternative that we have for cookies i'll tell you the disadvantages later but right now this is how the cookies work right so before we uh you know discuss more theory about the cookies let's experience it by doing some coding because i need to prove this right the server is generating the cookies it is sending to you and how all these things happening to make you understand this i am going to go to my sts again and right now let's back to our love calculator and let's try to fulfill our requirement that we wanted to have okay so where we are with our application so right now uh the the thing that we want to do with our application right now we have this home page let's say user is entering jack and rose he do he will hit on the calculate button and right now we are getting the jack and rose right here now let's do one work when we click on send result to email this is going to be a new request to server and right here we need to keep track of the username let's say hijack so can we store the username with a cookie okay so every time the server is going to you know accept a new request it is going to check what is the what is the username of this particular user so that we can display the name of the user just right here in the space let's say if somebody is writing his email id right here and he is clicking on send again this is going to be a new request but if we have the username stored inside the cookies then we can read that in in our webpage and we can say that well hi user jack or high user a velas based on the user name okay so the user name actually i'm planning to store it inside a cookie okay so this is not going to be the production standard code but well we need to understand it okay how does the things work then we can make our code uh production standard okay so right now let's implement this particular feature uh so we have this particular page so right now in this in this space we are going to track the username which is going to be the jack and this jack will be getting from here from the home page whenever he'll be entering jack right here we are going to track everywhere right here also we are saying jack right here send result to email here also we're going to say hijack okay and again once you enter the email id and he hits the send button again we need to say hi jack we have we have sent your email to your email id uh let's let's store this username inside the cookies and let's see how does the cookie work in real time okay so right now let me switch again to sts okay all right so right now let's go ahead and let's create a cookie for username or your name so what i'm going to do let's say if the user is entering a velocir and for the cross name if it's entering a village one two three then what is going to happen if i hit calculate it'll go to the next page right so right now we have a hold on the username and his cross name right here so that we can right now store these information uh inside a cookie right so now let's first create a cookie for this username called avilas so right here inside this inside this particular controller is user is going to enter his name right here when he is the calculate right here we know we we have the access to his name and to his crush name right here inside the query string right so let's capture it uh inside this particular handler method and let's create a cookie for the username right here which is a village cool so to do that first of all which controller handling this particular page obviously i will go to the lc up controller so this is process home page the url is slash process home page i can copy this i can hit command shift l and i can do command v and i'll go to this request mapping which will be inside the lc app controller i believe yeah there you go so this is showing my home page and this is the process page so what i'm going to do right now right here inside this handler method obviously i'll be getting the username and cross name right here attached with this particular dto so what i'm going to do here i will uh create a cookie for the username right you can create cookies for both the username and crush name but uh for my requirement i'm going to create the cookie for the username and to create the cookie for the username first i'm going to do what i am going to use the cookie class here and i will be you know using the javaxx or plate.http so right here i can say cookie dough cookie equal to new cookie so that i want to create a cookie and cookie always have a key value pair it has a name what is the cookie name and what is the value you want to store with the cookie so let's say my cookie name is going to be unique let me say my application name is lc up so i'll say lc up dot i want to store the user name so i'll say user name and what is the value the value i can get from here inside the user info dto so i can say user info dto dot get username okay so whatever the username the user is entering i want to create a cookie with that and once i create a cookie with that i can also decide how long this cookie will be there inside the client's computer so if i want i can set the s for this cookie or the time for this cookie for the for the expiry so i can say the cookie dot set max h and i need to uh specify the expiry here so let me say that i want to store the cookie for you know 24 hours so i can say 60 into 60 into 24. for this much time the cookie is going to leave inside the client's computer and right here once the this is how i can create a cookie and my cookie for the username is already got created right now the question is how can i add this cookie to the response so cookie i need to add to the request or response imagine where the user is sending the request then when we are sending the response back at that time we are giving them the html page and also a cookie so we are adding the cookie with the response and once that response reaches the you know client's computer that cookie will be stored inside the client's computer so next time when the client will give another request that cookie will go to the server so i am going to add this cookie with the response so i can do what i can normally have http servlet response and i can say response here and right here i can add the cookie to the server to the response object i can say so to add the cookie to the response i can say response okay this one this this uh this instance response dot our cookie and with this i am going to add this dough cookie here let me copy this i want to add this cookie to the response and it has a key value pair here called lc update username and this is going to be the value so let me save all this thing let me stop my server and let me uh let me start my server again and let me check whether my cookie is getting created and getting stored inside my you know inside my browser okay so uh let my server deploy the changes and then i'll show you how the cookie is getting created how it is going to be stored inside your computer and what are the other things which is which is actually happening right here these are very very basic thing isn't it i i believe you already know this thing but you know i cannot just keep it because if i start talking some advanced stuff people who are learning this for the first time they will not understand this so i will not feel good right okay so my server is started right now let me open my google chrome here so i have already hit this url enter okay so my server is up and running so right now what you can do to see the cookie is what you can do right here so you will go to the developer tool okay and right here you can go to network okay not inside the network you need to go to the application and right here what we need to do uh this is a different cookie i'll be telling you that later so you can see this is my uh you know website this is where my site has hosted right i have deployed my website inside this uh you know tomcat and this is the url right localhost colon8080 so right now let me say my username is crush name is let's say something okay then i'll take this box and i'll hit calculate and now see what what happened here i got a cookie created here okay and the cookie name is lcr dot username and the value is this um and it is coming from the path this and i got a cookie created here this is basically a text file so right now this cookie is there inside my computer and this will not go away right if you even if you're going to do refresh i have the cookie name right here and the value right here let me actually close the browser okay and let me try to open the browser again okay and let me hit the same url let's say a localhost love calculator right now i haven't given any value right here but as this is going from my my my browser right this browser is mine i'm the user right now let me open the developer tool right i'll go to the application and you can see i have captured the uh username already right there so this particular cookie will be there in your computer till it's recessed it expiry time right so this is how the cookie works it's just a text file right if you if you're going to uh talk about different browsers let's say um you know this this is google chrome right for google chrome there is a specific place where the cookies are getting stored all those text files are getting stored for safari browser there is a place where all the cookies which are specific to safari browser they are going to be stored just right there so i can show you for an example for the safari browser okay if this is the safari browser uh whatever the cookie is this particular safari browser have this will be getting stored inside the specific place i can show you that let me go to my library here so i'm on a mac system right now so let me go to the library so i can hit l okay this is the library let me open this particular folder in a new tab and you can see here there is a specific folder available right here which say cookies and all these text files are there which are specific to the you know safari browser and just like that for the google chrome also there is a place for for this particular browser also there is a place where all these text files are getting stored right there and all these things are getting loaded by the browser for from that particular folder google chrome basically stores all his cookies inside a database called uh sqlite or something i will add the path right here on the screen so that you can also go to your go to that but specific folder and you can check whether this particular files are getting stored right there or not but anyhow we got to know right now our cookies are getting created and right now we have a hold on the cookies so right now if we'll go to the safari browser and it will hit the same url right here and right now let me go to the develop option right here and right here i can choose the option a show web inspector and right here i can see a storage inside the storage tab you can track all your cookies so right now see there is no cookies available right here let's say let me give a different and username right here let me say you know man of okay cross name let's say something okay i'm hitting this box and i'll say calculate right now for this particular you know client i have a username created called manov right so if i'm going to rephrase this particular page right now you can see the username is manoff but if i'll go to the chrome okay for this particular client if i keep replacing this you can see the username which is already been stored right here is available so our web browser is our client this is this is what the you know concept that i want to clarify right here so for each client you know the way the cookies are getting stored there they will be stored in some different different location which is specific for that particular browser and from there it is going to read the cookies and the cookies will be there inside your computer inside the user computer so that whenever the browser will send a new request it is going to send the cookie with that request to the server whenever i do some operation over this website this particular browser is going to send the cookie to my server which is tomcat in my case which is there inside this particular computer right now the client and the server both are there inside the same computer but in real time the server will be hosted somewhere inside a different location right so this is some fundamentals that you need to keep in mind and this is how the cookies are getting created right so whenever i'm sending a request to my tomcat server by hitting this url from a google chrome browser here the server is tracking that okay this particular browser used by this particular user right this is how it is actually tracking who you are right so that's why you can see the cookie which is got created for the chrome browser is a village but if you go to the safari browser as it is a different client right so if i'll hit the same url right now localhost 8080 class spring love calculator if i'll go to this and if i'll go to the web inspector right now you can see the cookie that we have for this browser is manoff right this is how the server is actually tracking the user based on the browsers and all these browsers are loading the cookies from different different places right that's why it is not getting overwritten right uh cool so i do not want to make these things very complicated but right now i want to give you a very simple requirement which will make you familiar with the cookies that will basically tell you how the things basically works right so let's say if i'll go to my google chrome browser right now let me delete this cookie right click uh delete sorry my ac is making noise if you are hearing some kind of noise here i'm really sorry about it okay so right now let's say i am giving some username let me give some different username let me say asis right now and the crush name let me say something okay i'll hit calculate so right now i have a cookie created for username called asis right now let me give you a requirement here if i have a cookie available inside this inside the browser that means this particular user assist has accessed my website previously right now i want to give you a requirement have you seen some kind of flight booking websites just like go ibibo or makemytrip.com or something just like that whenever you search for flights right you can see a lot of flights available in between a specific time but whenever you close the browser and you come back after a few days and again you see whenever you are actually trying to access that particular url let's say mac my trip is already has the information that particular site already know who you are what is the you know what is the destination you want to go right it's already kept all your information through some cookies right so can we implement the same thing just right here let me give you a challenge to you let's say uh right here this is the home page right so right now let's say if i'm the br i'm the user if i'm closing my web browser right here and again if i'm opening my web browser let's say new window and right here if i'm trying to access the same site let's say localhost log calculator right now here i need to display the username right if the user has already visited us we would have already have a cookie on the username we know who the user is so instead of telling the user hey enter your name again right here we can show his name right here on the text box so how we are going to achieve it let's say when we are actually creating the cookie we are creating the cookie whenever you know we are filling a user is basically filling off and going to the next page here right now here we are creating the cookie right inside inside the handler method of this particular page so right here what we can do whenever the user is trying to come to our website first here by hitting this url we will read if he has any cookies available with him and if he has we are going to read the username value and we are going to display it just right here let me uh let me implement the same thing so what i am going to do here let me go to sts okay so we are basically capturing the cookie inside the process homepage and if we'll have a cookie there will be a cookie available inside the browser with this particular name so what i'm going to do here i'm going to do command c here so whenever first time whenever somebody is trying to hit those class requests whenever this particular request getting executed from the request itself let's say sttp servlet request request from this request whenever the request comes to my website for the first time i'm going to read okay request dot get cookies get cookies okay there you go right now you can see i have this method get cookies and this particular method will give me all the cookies that i have stored for that particular user okay right now this is going to give me multiple cookies so you can see it is going to return me a cookie array so what i can do i can write cookie array right here and i'll say uh cookies okay equal to this and right now what i can do i can iterate from this array and i can look for the specific cookie that i'm looking for for an example here i'm looking for let me iterate this particular area right now let me say four and right here i can say cookie temp and i can say cookies my rname right this one and from here i am going to specifically looking for the cookies it may return me multiple cookies but the one that i am interested for is this one right here more tools developer tools and right here the one i'm looking for is this one lcr dot username so what i'm so what i can do right now i can go here and i can say if okay from here i can start what is my cookie name my cookie name i have created here right this is the cookie name copy this command c and right here i'm going to do command v okay and i'll say dot equals okay and from here from the from this temp okay from this temp a get name so this particular gate name is going to give me what uh the name of the cookie which is going to be this in my case the name will be lc update username this is what it is going to return me right here okay if it is available and if it is found what i can do i can get that name right so i can say dot get value right it is basically give me the value of that particular cookie so i'll say string my user name okay equal to so once i got this name here what i can do i can set this particular name to this user info dto so so whenever the form loads right if i go here whenever this particular form loads for the first time there will not be any value right because we are just simply initializing our dto here and we are simply initializing our user info dto and if you see this home page if i'll go here command shift r and if i'll go to this home page right here where is the form this is the form right this is the form we are using and here we are using the user info which is a model attribute and inside this model attribute for the first time there will be nothing right that will be a empty object we are creating we are not setting any value so right here we can say we we have the username value so with this dto okay what we can do user info dto dot set username and we already got the username my username okay so this will get set to this particular username right so whenever we are going to display the user this particular form if he has already visited with our website to our website and if we have already his username available as a cookie we are going to show him the username just right here so let me first of all delete this particular cookie because i want to start things from scratch and let me see whether things are working fine or not let me stop the browser okay so that you'll be familiar that what i'm trying to do here right and after that i'll tell you the disadvantage now what is the con if we are trying to use cookie too much if we rely on the cookies too much what is the problem we are going to have but before that my let me start my server first and let me see uh what is the behavior of my application uh right now and how the things are working just right now hopefully you are not getting bored uh maybe you won't you know all these things previously but it doesn't matter right if i uh you know speak about it for more 30 or 20 minutes okay let me go to the browser let me do refresh you can see there is no cookie available this is also a different cookie but i'm going to tell you about this later so right now what i'm going to do let's say your name i am going to give the your name as rakesh and the cross name let me say something let me say something um okay let let me give a random value here otherwise if he is going to watch you will complain okay i'll hit calculate so i got the i got the username right now ruckus let's say ruckus right now close the browser and he opens the browser right now again okay he has already visited my site so right now if it tries to access let's say love calculator hey your name you are a case man i know you have already came to my site right so this is how you can actually capture the cookies right and you know i can track right now this user is ruckus you can already see his name on your name text box so this particular cookies is going to be expired um on this particular time the time that i set okay right there set max says i have said that with my cookie right and after that this particular feature will not work so i have whenever i've created the cookie i i have set the is right here which is this hopefully this makes sense okay so right now uh tell me one thing uh okay so right now one more thing i can do guys don't you think we are working on spring right now and the way we are handling the cookies is not very convenient let's say i have a requirement right now if i'll go to my previous pages let's say if i'll go to the browser let's say he enters his cr class name right now i'll do calculate so whenever the user will click this link i need to display his name here also and also whenever he'll enter a email id and he will hit send i will also need to display the cookie name just right here as well so if i am going to keep reading this particular cookie in each of my controller let's say this particular page is slash process email before that slash send email if i'll go to the email controller let me go to the email controller right here okay here also i need to read the cookie inside this controller and right here on also inside the process email i have to read the cookies and need to display the username to my process email page so if i'm going to keep reading the cookies by this way first of all let me tell you if we if you have multiple cookies right it will be very challenging for read every time because every time you don't want to write a for loop just right here and you just don't want to use the http servlet request all the time because we are working with spring framework and spring framework says don't use the http servlet request and the servlet response if it is not needed right you guys are using spring framework use the spring feature okay and we will do all these things behind the scene okay you as a developer you do not need to do all these things these are very standard code and actually as a spring developer we will make it simplify for you guys okay so i'll tell you a shortcut method i'll tell you a method i'll tell you a annotation that spring spring framework gives us and we can use that annotation to read cookies okay uh right now to read the cookies we have done whole lot of drama here isn't it so let me go to the email controller okay so right now inside our email controller or let's say i want to read the cookie just right here so what i can do i can say here annotation at cookie value okay and right here i can give the cookie name my cookie name is what let me go to the other controller let me copy the cookie name okay command c and let me go to the email controller again and let me paste the cookie name and let me say string username okay so i'll get my username value from this cookie if it will be available and right now what i can do i can send this once i get once i got this username i can send it to the next page okay so what i can do i can use model uh dot add attribute okay and right here i can write something username this is going to be my model name and whatever the value i'll get from here i'll paste it right here and i'll send it to you know send it to the model okay so right now here inside the space let me copy this name here inside this page i can do what i'll go here to the send email page and right here i'll say hi and then i'll do command v and this is going to be dynamic so let me use a dollar symbol right here okay there you go command s to save it let me stop my server and let me start my server again and let me check whether the things work and the reason why i explained you all these things now just to give you a clarity that to read cookie values we have a we have a shortcut method we have a beautiful annotation provided by the spring framework which says add cookie value and this is how you are going to read the cookies okay cool so right now let me check whether my things worked if i'll go to the browser again okay let me come to first the first page okay let me say rack is one two three uh calculate okay so it is saying rack is one two three and these you guys are friend now let's go to the email page send result to email and right now it is saying hi rackets123 okay because right now i'm able to read this particular value from the cookies because it is there it is there inside my cookie folder right this particular values i'm storing it inside my cookie so right now let's say if the user is entering obvious at the rate gmail.com right here in this page also we can display the username by using that annotation called at cookie value and we can do what if i'll go to sts right here inside the process email page if i'll go to that particular page process email right here inside this page also you can display the cookie value so to do do that what you can do again you can go to email controller you can use that cookie value just like this to read the value just right here and can add that to the model okay so that you can read it in your jsp page and this is how you can read cookies in in your spring framework by using add cookie value annotation hopefully this makes sense okay so before i wrap up this thing i'll just tell you one thing why it is not recommended to use cookies okay so right now first of all tell me where we are storing our cookies we are storing the cookies inside the client's uh computer right let's say you are coming to my website i am storing some information in your computer okay this is just like if you will come to my room and you will ask me hey villas can i can i drop my suitcase right here in your room it is up to me if i agree that's fine if i do not agree then i will not allow you to you know put your suitcases right here in my room got that so it's all up to user so if the user wants he will stop you to use cookies okay because you do not want to store all your garbage inside his computer because in the end you are storing the cookies inside the client's computer right maybe maybe the user will not allow you to do that that will be another scenario i will talking about it the next thing think about that imagine example that i have given you right let's say you are adding a camera to the cart i am creating a cookie i am giving that cookie back to your browser right your browser is storing that cookie inside your computer and every time there will be a request comes from your browser i need to read that cookies so reading and writing cookies is a very challenging task right because whenever we are writing cookies we are writing it in key value pair and that is in uh text format right we are not writing binary if you write binary you may write viruses to your client's computer you do not want to write viruses to your client computer so every time whenever we are sending the cookies we are writing in text format and again whenever we are reading the cookies we are converting the text to a object format because in java we deals with object we do not deal deals with a lot of text okay so think just like that whenever you are using the amazon website if the margin is going to give you some cookies let's say you are adding something to the cart and the cookie information will be huge just like what is the product information what is that item what is the caller what is the category of that particular product and again what is my payment information what is my credit card number what is the cvb okay what is the expiry date of my credit card number and again what is the shipping address think about a shopping cart object it will be a very huge object isn't it and if i am going to write all this information all this complex object structure inside a cookie it will not fit into the cookie size you cannot send a file to the client's browser which will be 30 mb or 40 mb in size there is a restriction whenever you are sending cookies to the client's computer the cookie cannot be more than you know 4kb i think so there is always a restriction so you have to write things with the limit so you always have a limit that okay the cookie size must be 4kb or something okay so if if there will be a very complex object you cannot transfer that thing cookies because it will be a very challenging task to pit a very complex object or very heavy object inside some particular kb all right so there is space constraint as well so hopefully you understand the problem right cookies are very awkward to use because we we have a lot of limitation okay we need to fit into that limitation if you want to use cookies uh first of all the user may block cookies there is a first challenge second challenge if if there will be a very heavy object as i said if you see here inside your lcr controller whenever we are writing the cookies here we are creating the cookie just like this because we just want to store the username okay but if it will be a very complex object at that time it will be very challenging okay to write all these things by you know keep help here and storing it as a text inside the client's browser and again whenever we'll be reading them back we need to read them as objects so with all this limitation if still if you want to use cookies then again if you keep writing all these things the memory or the size will be more than 4kb if it will be more than 4kb or something then you you are not allowed to write that particular cookie to the client's computer because the maximum size of the cookie is something 4kb or something right so for a very complex object for very very heavy object it won't be possible so right now with all these limitations we need to find an alternative and we have it we have that alternative that alternative is called session so right now let me tell you about the station and why we should prefer session over cookies i'm not telling cookies are bad they will save you in lot of scenario but why we should use session over cookies and what is the benefit we'll get if we use session and how can we overcome all these challenges as i said we are going to see that uh right now okay but right now let me stop the recording first and i will start the recording again today okay [Music] [Music] all right so right now let me start talking about session okay uh what is a session and how it is uh you know different from cookies and why should we choose session in our scenario now right now we are trying to implement something in our website you know in our scenario why we should choose session over cookies okay so before i start talking about session okay i hope that you got a good clarity on cookie and you have everything on your mind right now you got you whenever i say cookie then you guys should be getting some kind of picture on your mind so i only need that okay so all this one hour one and a half hour talk is just for that you know just creating that first impression for cookie and right now let's talk about session okay so the session for okay let me first confuse you do you know the sessions are also kind of cookies how many of you does agree with the statement the seasons are also kind of cookies and if you are going to stop the cookie if you stop the browser to allow cookies then your stations are also not going to work why okay so let me let me give you a complete walk through on session and then you can relate to this particular things so first of all if i'll if i'll talk about uh station again uh let's imagine the same example that i have uh covered during cookies okay so we have a client machine and we have a server machine and let's say this machine is mine and i want to purchase something let's say i want to purchase a mic okay so if i want to purchase a mic i will again go to the amazon and i will try to add a mic to a cart then again i'll go to the payment and i'll purchase it let's say i'm hitting emergency slash r2 cart okay right now it should be add to cart's last mic or something but imagine that i'm adding a mic to the cart right now the request will go to the server that hey this user is adding a mic to the cart right now the server will again generate a html page according to the user specification and then it is also going to store that particular thing let's say i am the user number one okay the server will mark me as a as some kind of number okay let's say one two or one zero zero one or some some numbers just like that so inside the server the server will do what it will create a id for me let's say one double zero three and let's say this user one double zero three number user he want to purchase a mic okay so he has added this particular thing inside the server memory okay and once it store this information inside the server memory what it does it creates a cookie and this cookie right now will not contain any other information it will only contain the id of the user let's say i'm the user whose number is 1.003 and i want to purchase the mic so this information is there stored inside the server safely right now it is only creating the cookie with the id okay and it is going to do what with the response it is going to send this cookie to the client's computer and also it is going to send the html page this is how this is how the session work this particular thing that i told you right the server kept the user information inside the server memory server means what it's just a computer right inside the computer memory or inside some long term storage and the server will do what it will add the information of the user and accordingly with that user id it will generate a cookie and it will send that cookie to the client and right after that again request and response this particular objects will be get destroyed and right now as you know http is a stateless protocol and right now the connection between me and server is dropped right now when i am going to send another request to the server again this particular cookie let's say i want to hit another url amazon dot in slash card right now this particular cookie will also go to the server and right now the server will find the item from the storage okay server will see that this is the user who has already visited to my site because he already has a cookie and the id number that mentioned with his cookie is 1.003 right now the server will find this 1003 from the storage place right where it has stored my personal information it will find that particular items by using this id and once it's found that it will build the specific html accordingly and again it will send this html to the client and again also the cookie came from the server to the client okay if i'll be adding any other information to my cart or if i'm adding any other products to my cart then those items or those products will be added to this item column right here i'll have mic camera okay a light or something you know all these things will be added to this items column and this id um this is just specifies that okay this is that particular user right and accordingly right now a cookie having only the id of the user is going back and forth you know to client to server and server to client and this is how right now the server is going to track my information but the new thing that we learned here we are right now not writing everything to the cookie inside the cookie we are only storing the user id okay which is specific to a particular user and using this particular id server is storing all these information inside the server only and the cookie that the client has right now this particular one it only contains the id the id of the user so that the server can track okay this is user number one double zero two or one double zero three so this particular approach is pretty much beneficial if you compare to normal cookies this particular thing is called station you can see here i told that the server will store my information inside some long term storage okay even if this particular thing says configurable if i if i want i want to store the user information within a database or something i can also do that and primarily the server will store all this information inside the server memory or what we call the in memory so whenever you will stop the server all this information that you are storing will go away so two points i want to clarify here the cookie only with the id some kind of id is going back and forth between the client and server by which the server can keep track of the user information and keep track of a session okay and the next thing will be as we are not writing all the information to cookies inside the cookies we are only storing the id if let's say if you talk about a shopping cart right now all the shopping cart related information let's say about the payment information about the shipping information all this information right now i'm not writing to the cookie instead i am storing all this information inside my server itself so there is no constraint with the memory all right so previously i used to think okay if i'm writing all this information to my cookie my cookies should not be more than this particular size let's say 4kb or 6kb so in most of the scenario if you have any complex object then that particular size will obviously you know it will exceed that particular size and it will be very difficult for us to manage cookies but right now we are not writing all these things to the cookies we are storing all this information the shopping cart related information inside our server memory right so as we are storing it inside our computer memory and we are not sending all this information over the http protocol or over the http that's why this is a really convenience for for us to manage it because we are storing it inside our server and one more point that i want to highlight here the station the session memory we have it inside our server as i said right cookies get stored inside the client side but the session is basically get stored inside the server right so i believe that right now you have a good hold on the session as well at least you understand the concept right right now one more very important thing is that the way we are going to implement the session with our project is going to be really simple whenever we are working with cookies we basically we are writing the cookies by ourselves we are reading the cookies we are basically seeing the cookies okay this is the cookie i'm creating okay this is the cookie i'm trying to retrieve so i'm basically dealing with cookies okay as a developer i do have to interact with the cookies by seeing them personally okay this this is the cookie that i need to manage but if you talk about session creating cookies retrieving cookies and all these things as a developer i do not need to think about it this is the most important thing guys and i'm going to prove it with the code right now but the amazing thing with the session okay uh the session we can achieve this particular session stuff by using the http station api and the code there is going to be very simple it is very simple to create a session and to manage them because as a developer we are not going to be creating cookies as i have told you that here this particular cookies is going back and forth and you know it is tracking the user information but as we are not dealing with the cookies personally whenever we'll be dealing a session um you know we will not be creating cookies will not be fetching cookies all these things will be happened behind the scene by the http session api so right now let me uh show you the code so that it will be more comfortable for you guys to understand and working with session is really really easy and let me prove that with code right now i hope you guys have some some kind of some kind of idea about the session right now so first thing i'm going to do here let me remove all this cookie stuff okay so let me remove all this cookie stuff right here and also inside the process homepage i'm creating cookie somewhere okay so let me remove all these cookies because i am not going to use cookies right now instead i'm going to use session so let me remove all these things from my controller and let me hit command shift o to get rid of all the unnecessary imports and i hope this looks good and also inside the email controller i was retrieving the cookie from here so let me remove the cookies from here as well and i'm also need to remove this model.add attribute from here because i have removed the cookies right and also inside the send email page inside this particular page also i need to retrieve i mean i need to remove this particular thing and i'll be coming back to this particular point later but this is how the things work let me do command shift or to remove all these imports and let me save everything and right now what i will do is i will stop my server i will stop my server and i will restart it again whenever i'll be done with my coding so right now the problem again again we are going to you know solve that particular problem right if i'll go to my if i'll go to my website right now okay let me start the server i will show you uh how exactly uh you know we are going to implement session inside our website and what is our goal right now what we are trying to achieve right now and then we'll start creating a session and we'll see how easy it is to you know work with session and why we should choose it over cookies cool so right now my server is started so right now i am going to go to the root url and here let's say i am going to enter my username as a village crossname is something and i am going to check this box and i will hit calculate i went to the next page and the requirement here is right now sent to your email whenever i'll go to go to this particular page i will display the username here and again whenever i will enter some email and the user will actually hit this particular button you will actually see the username just right here so right now again the requirement is same whenever the user is basically entering his name right here the ur name we need to capture the ur name whatever the name of the user then we need to store it inside the session i mean we need to store this information inside our server memory and the next time the specific object that we want to access let's say next time i want to access the same obvious object or same your name object then i can definitely use the http station to get it right so to make you understand the thing first of all let me go to the home page lc up controller and here is my home page let me hit a command shift r to open this particular page and right now now inside the home page i have actually have my url name and this is the thing that i need to capture okay so this home page is getting called from my lc up controller no problem so right here here basically i told you inside the process homepage whenever we are submitting our homepage here we will have our username i mean we'll have access to our username by using this particular object so what i can do here i can i can do what i can use http session okay you can see this api so you can see this interface http session you need to use this one or if you want to use http servlet request also http servlet request also you can do like this servlet request request and right now from here you will get the session so i'll say request dot get session okay there you go get session okay so you will try to get a session object so what okay let me first handle this one this get session will return me http session so i'll say http session equal to and http session unless the session is equal to request.gas session right and why it is giving me an error i need to have the import right here there we go so from the request object i'm actually fetching the session okay so what this particular lineup code is going to do it is going to actually run the whole process hold the cookie creating process and then adding that cookie to the response object all these things right this particular line is going to take care this is going to run the complete process of creating and managing cookie behind the scene okay so right now this particular method by this particular method what we are trying to say that okay if it is a new user then create a new session and if there is already a session exist if already there is a cookie exist then give me that cookie okay this particular line does mean that okay we are not saying http session session equal to new http session we are simply saying getstation if you have that session give it to me if you do not have this session then create one okay and once you create let's say right now when the user will be first time coming to this particular handler method process home page right now whenever the user will click this particular page and it will go to the next page here we will have we will page this avilash this username right now and we will insert that object to our session right so right now what i'll say session set attribute okay you can see it is taking a key below pair is basically a map right again it will it'll take a key value pair let's say my key is username so i'll say user name here and the value hopefully you guys can hear me and the value is my value is what my username value i'll get from here in this object right uh user info dto so i'll say user info dto dot get username okay there you go you no need to do anything else right you you do not you do not need to do anything else after this code right so right now you have created the session and you are setting the username to the server session and right now you are trying to keep this username inside the server session inside the server memory and whatever the name will be retrieved from from this dto that that will be my username value right now let's say i want to use this username in multiple places as i told you i need to use this username here inside the send email page or whenever the user is filling the email and hitting send i'm going to access that username just right here i need to say hi something so what i will do right now i'll go to lc app controller i'm going to copy this i'm going to copy this username right now let's say i want it inside send email page right so i'll save i'll give braces here and i will say command v okay username and there you go i don't need to do anything else this is not an error if i close this and send email paste okay this error is already gone and this will not give you an error let's say where else we need this particular session let's say after the send email page we also need it inside the process email page so let me do command shift r to open this let me go here and right now also here i can say the same thing i can do command v and this is my station object name and i can wrap this off with a curly brace because this will be dynamic and i will be get this thing and from anywhere okay let's say i'm going to do command s to save everything right now let me stop my server and restart it again and right now we will see we are going to have the hold off the session object or not but the point i want to prove here that we are not dealing with the cookies uh explicitly right all these things will be managed behind the scene by the server and by the http uh session specification okay so right now my server is started so i want to show you something let's say i want to go here to my eclipse browser and right here let's say i want to say your name is let's say right now i'll say my name is john and the cross name is johnny who is this john man he's going to kill me calculate okay so john and johnny are friend send result to your email right now just have a look we are going to get this object john right now on our email page and there you go hi john this is pretty sweet right right now let's say he is entering his email john at the rate uh johnny dot com okay send and again hi john your email sent to johnathorajani.com cute isn't it as a developer we are actually not dealing with a lot of things and our job is pretty simple right now so what we are doing actually we are inside the inside the lc of controller we are creating the session object and inside the session object we are adding this username and we are just putting this particular username inside the session memory and right now this particular object is available to every jsp page to every controller let's say wherever inside any controller if you want you can access this particular you know attribute here we are saying set attribute we will say get attribute to get it okay set attribute to set it or if you do not want to access these things inside the controller you can directly go to your jsp page just like this and just use the session attribute name just to paste the session object from the server memory right right now the only thing i want to show you just to make you uh believe that this is behind the scene it is also using the cookie right so the session behind the scene you just cookie only right so just to preview that thing what i'm going to do i'm going to copy this url and right now i'll go here all these cookies are already gone so let me delete all this thing let me delete all this thing and right here i will go to localhost springlove calculator enter and you can see a cookie has been already created right and this cookie does have a json id this is basically the id that i meant and this is the value so my specific user value is this one uh some random string okay this particular string is the id that the server is using to keep track of me keep track of an user so let's say right now if i am adding something let's say my username is uh john and the cross name is let's say java let me hit calculate button you will see there is no other cookies getting created because whenever the server is accessing the jsp page for the first time it is actually creating the cookie for you right with a jsson id and with a value so if you want to disable this particular feature also you can do it but by default whenever we access the jsp page for the first time the cookie got created right and after that this particular cookie will go back and forth between my client and server and all my information will be stored inside the server session memory and this particular key will be used to track my values which is there inside the server right so let's say right now if i'll if i'll click here send result to your email you can see i am getting hi john and again if i'll add something right here and i'll do send you can see hi john and your email is successfully sent to this and this is the cookie which is getting used if you do not want to believe me what you can do is let's say uh let's say let's say it is saying hi john here right now what i'm going to do let me delete this cookie okay right now if i say send that one is gone right now right now it's not saying hi john because it cannot track me right this cookie has been created later though the one it was using to track me i have deleted that and once i deleted that it cannot track me right who i am so hope that you learned something new it's not new it's very common i have not told you something really fancy or something but yeah that's how the cookies are i mean the session you basically use um whenever the server creates the station it basically gives you a json id and a value for the json id okay this is basically the basically some random string generated by the server okay and as this is a very simple string so see only the data that i have is this much then this will be surely fit into the cookie limitation cookie says okay my size will not be more than 4 kb and no worries we just want to store some kind of simple key there so not a problem right it will be simply fit into the cookie's limitation and we can use it to track the user right cool so one last thing i want to show you let's say let's say let's say what i'm going to do let me give you a specific requirement let's say here it is saying hi john and john and java are friend let's say send result to email okay the cookie has already been deleted so what i'm going to do i am going to go to the home page let me access this particular page again let me give the username as i say david first name as something let me check this box let me hit calculate okay so right now saying david and something are friend sent hi david right now if i'm entering an email it's saying hi debit email has been successfully sent to your email id right now what i want let's say i want to change this to hi mr david if i want to do right let's say right now right now what i'm doing this is my process last process email right this particular url is handling this particular page right so if i'll go to this url let me go to my controller command shift l command v okay there you go process email which is there inside the email controller and there you go let's say inside here inside this particular page process email page what we are trying to do here we are basically accessing the accessing our station directly our session object directly we are accessing it but let's say if we want to do some an operation over that object then the way that we are going to have a hold on it that's basically what we can do again we can write http session or you can write http request whatever from the request also you can get session or directly if you want you can write session session and you can remove this one this guy from here and there you go so right now you got the session object so from the session you can say what session dot get attribute because i want to get that particular table get attribute and my attribute name is what username right user name this this is my session attribute name the one i have created inside the lc app controller right uh right here right let's say i want to get this username here inside the email controller inside a different controller i am getting this username and let's say i am storing this username string username equal to this will basically give you an object so so i can cast it to string so i will get my username value right here so after that i can say username i want to add mr right so i can say mr space plus username is it is going to be a new object right so let's say string new user name okay equal to this and you can give a semicolon here right now you can transfer this data through the model to the process email page and from there you can access this particular object so what i'm going to do here here i can create a model object okay so i can create model model and i can add this to my model so i can say model dot add attribute and i can say i can say the same thing i can say username and i can give the new username to this okay so right now i already have this username object right here inside my process email let me copy this username from here and let me go to this particular page concept r to open this and right here inside this particular page what is going to happen is here i'm trying to page it from the username so first it is going to page from the model if the model is not present then it is going to paste from the session but as right now i have a model attribute available as you can see inside the email controller i am adding this to the model with the same name as username so this is going to find it from the model and if it fails to find it then it is going to find it from the station so as we have a model attribute available right now let's check it out how the things is going to work so as i'm dealing with the session let me stop my server so that all the all the session objects that i have inside the in memory inside the server memory will be deleted a new session will be created by the server and then okay uh the server will manage all the cookies by itself and i can uh you know fulfill my requirement in a very easy way right so if i'll go to home page right now let's see what is going to happen let's say you know my name is john the cross name is johnny uh i'll go to the email page and you can say hi john let's say something some email id he is entering and he is hitting the send button and there you go hi mr john okay so this is the way you can actually have a hold on this particular session object what is happening to my ac you can hear that noise hopefully it is not bugging you guys oh irritating cool but this is how you can actually use your session object and the good thing here is our http session this particular api is taking care of everything creating cookies managing cookies and also giving us the opportunity to store the user information inside our server so that we will not run out of memory but one thing you need to keep in mind so whenever you are working with session be very sure whatever the object you want to put it inside the station if do not just use the session uh api to manage all of your object otherwise it will be a very challenging scenario for you guys uh because your your server has some limited amount of memory if you put all your heavy objects inside the station then obviously you know your server memory will be full and you will run out of memory space so be very sure what are the objects you are adding to the session and whenever it is really really needed at that time only you know add those objects to the station and use the get station attribute or get attribute method just right here uh you know to get the value or set attribute to set the value right hopefully this makes a lot of sense right now whenever i say a station okay [Music] all right so right now what we are going to talk next we are going to talk about how we can handle session uh inside the spring framework right so right now if you see here as i said you right now i am using the session attribute the http session right here i'm accessing the http station directly here so spring framework provides a better way to handle session but that particular annotation is basically not meant for the session spring framework still says if you want to use http session you can use it happily no problem but still there is a very important annotation is there inside the spring api called at sessionnet attribute i'm sorry i i've been speaking for two three hours or more than that probably the annotation name is eight session attribute okay so what is basically the session attribute dodge okay i'm going to tell you about it and we are going to have a uh brief analysis uh on the 8th session attribute in the next video right i'm going to break this video after a few minutes but right now okay before i move to the air session attribute let me tell you let me tell you about a scenario let me let me think how how you guys are going to handle that scenario so imagine that you have a shopping cart website okay just like amazon and right now you are storing the user information inside the server session isn't it so you are using session and let's say you are storing all the user information inside the session so till how long you are going to store those information let's say there is a guy who is browsing your site right and let's say after 15 or 10 minutes of browsing uh he just closed your website and he started browsing something else right so right now you imagine that okay that particular guy will back to my site and will purchase something whatever the things that he had in the cut he is going to purchase that but let's say that guy is never going to come back to your site okay we also do it a whole lot of time right we we go to a specific site we do browse sometime then we are something to cut and we never purchase it does that particular site hold our information forever in the server not really so if you're going to hold all those user information you know inside your server then we will soon run out of memory so we need to make sure for how long we are going to store the session object okay let's say i'm creating a session for a user x okay for how long i'm going to store his information i need to you know decide that right maybe if you want you you you do not want to delete it inside your server that's fine for specific website that particular requirement is still there but for most of the website okay we need to come out of a standard okay after 20 minutes we do not want to hold the user's data or after two two hours or three hours we will not hold the user data so the way we can achieve it we can use session timeout right after a specific time that particular session will be timed out and the data which is there inside the session will be removed and to achieve that okay first let me tell you this because right now here i'm using no xml approach this is a no xml project so we do not have the web.xml file so all these information we basically configure inside the web.xml file because web.xml file is the deployment descriptor and our server reads our configuration whatever the configuration we want to do for our website we can you know place all those things inside the web.xml file and our solver will read all those information from web.xml file but as we do not have a web.xml file right now we have to code the session timeout programmatically but if you have a web.xml file you can use session timeout tag right i'll i can show you that okay so let me have it right here and let me open a new incognito window and right here i can say i think that is session session config okay probably i'm not connected to internet but what you can do is you can use the session config tag right so i'll write that on the screen right now you will be writing the session config and inside the session config tag you will be writing the session timeout okay then you inside the session timeout tag you can provide the time after what the user session will be disconnected okay or the session objects will be removed from the server so now let me come back to my sds but if you want to programmatically configure the session timeout wherever you are basically you know creating the session where i'm creating the session i am creating the session inside the lc up controller here inside this lcf controller what i can say i can say session dot set max inactive interval right and right here i can specify let's say you know 1 20 you know minutes or something just like that okay i can place that you know time just right here inside this particular method and this will make sure that session attribute will be removed from the server after this specific time okay so this is how we can configure the session timeout programmatically and by using the code based approach but if you are using it in web.xml use the session timeout okay this is what i want to say but right now let me do one thing let me remove the session from here i do not want to use the http session right now i'll tell you what is the alternative that we have for http session in our spring framework okay so i think i have removed the http station from everywhere so as you can see i do not have anything right here and i'll do what i will go to anywhere i have used it okay inside this particular place also i'm adding the username to the model attribute inside the process email uh inside this particular controller so let me remove all these things okay and this is not needed right now okay and also i need to remove the session attribute name from the send email page in the process email page because right now i will have a different approach to retrieve this particular thing not by using the http session because i want to use the session attribute here not the normal http session okay so let me hit command s and let me stop the server right now let me tell you that how you can use the spring framework to you know handle your session management so right now let's say let me go again to the lc app controller right now i have removed everything right now we will use the spring framework uh to store the user info dtos username filled inside the session and how we are going to do that how we are going to achieve that if we are not going to use the http session that is the question guys for this you can simply use the annotation and the annotation name is eight session attribute oh sorry add session attributes because here we can actually store multiple attributes multiple objects to the session so this 8 session attribute does what it is basically going to store the objects that we want to store inside the session it is going to run the whole process behind the scene and it is going to use the http session behind the scene to store our objects right so right now let's say i can give a bracket here and right here let's say i want to store this particular object let's say user info dto object this is my model object right let's say this object i want to store inside the session okay inside this object i have my username as i told you right inside the user info d2 object inside this particular class i have my name so what i can do i can copy this and i can place it right here so i am placing my model attribute name inside the session attribute so what is going to happen here is whenever spring is going to put the data put the user info data inside a model attribute inside the model whenever it is going to put the user in for data it is also going to put the same data or it is going to put the same object inside the session okay and that particular object will be there inside the http session okay this particular guy is going to use the http session behind the scene well this can be configurable you if you want you do not want to store it inside the http station you want to store it somewhere in a different place or inside a database you we can absolutely do that and we will be doing that later but right now understand that only we can store model attributes or model objects inside the session attribute this is the first point the second thing is let's say let's say right now this particular object i want to store in the session and from this object let's let's say i'm i'm copying this one and right now if i'll go to let's say a process email page right here we want the object right i mean we want the username object so what i can do command v user in particular dot user name okay there you go and let me copy this again also inside the send email i need to write the same thing command b so let me do command s right now let me do command s and let me start the server and let's see whether our thing is working fine or not and whether i'm able to log my data in each jsp pages right so i know the thing is not going to work there is a specific cache there is a specific thing that we need to understand so knowingly i'm making a mistake here so i know it is not going to run okay let me go to my google chrome and right here now let me hit this particular page enter okay i got my page let's say i am giving some username let's say john and shawnee let me hit calculate so i came to the next page right here and let me click the send result to your email let me see whether i'm getting this in the next page okay here i'm not getting the john here the username here and also in the next page also i'm not getting the username here but i would have get an error right here but why why it didn't give me an error i did a mistake oh there you go there you go so see here inside the session attributes i should have stored the model attribute my model attribute name is user info let me copy this user info and let me place it here i have actually copied this particular name i should have copied the model attribute name this particular name should match with my model attribute name okay i mean i should have only stored those thing to the session which is there inside my model right so i have done a mistake so let me restart my server and that's why i i was thinking that why i am not getting an error and this is the reason i have written wrong code here so let me go to the you know homepage again and there you go whenever i am i am trying to access the home page see what is going to happen here it is saying expected session attribute user info okay and it is giving you an exception called http session required exception it is saying that it is expecting the user info object which is not there inside the session okay but but if you see here so here if you see i have this user info inside the session attributes but why i'm getting an error here and it is saying that expected session attribute user info it is saying that i do not have a session attribute called user info inside the session but i already have it right if i'll go here i already i already have it here right so the reason why i'm getting an exception that's because whenever whenever you'll have a at model attribute this particular thing will not work okay so here we are telling spring that we need to store this particular object or this particular model attribute inside the session and spring says okay no problem i'm going to save this particular object inside the session but you make sure that first you will be adding this particular thing to the model attribute by yourself so add model attribute whenever i was explaining you this particular annotation i told you guys that this is a shortcut right what what is the actual way of putting something in the model i will create something called model model right and i'll do command shift o to import my model interface and right here i should say model add attribute this is going to be my model name so let me say command v model name and let me put it inside quote there you go and the attribute value the attribute value will be user info dto instance right so whenever i write like this spring is basically going to create the user info d2 object for myself right so manually i do not need to write user info dt or dto equal to new user info youtube because spring basically does it by itself but right now i need to pass the user info dto by myself right i need to write new user info dto there you go so this particular line is basically the replacement of this so right now there is no need to write the model attribute just like this because i have rewrite the same thing right here okay so right now we are creating the user info d2 object manually and we are also adding the user information to the model by giving a model name as user info and we are placing the same model attribute name right here inside the session attribute right now if i'll do command s right now as i'm manually adding it right here let's let me see whether the things are working fine so let me start my server again and hopefully things will work fine so what the session attribute says that so spring will check what if we have a ad session attributes first of all we should have add the model attributes manually to the model and the model attribute name and the session attribute name should be same right so right now let me go to chrome and let me hit this and right now our page is loaded fine and right here i can say abhilash crushed name is let's say avilas one two three something okay i have a cross on myself i can hit calculate result and still right now i am not able to log the username right here why uh it should have work right so let me check inside the process email page okay so there you go if you see the process email page right now this particular dto name also we need to change right so if i'll go to my email controller sorry i'll go to my lc up controller right here my session attribute name is user info so i need to copy this user info this is going to be my session object or this is the object which stores the user info dto from here i can page whatever i want let's say i'll go to the send email page and here instead of saying user info dto let me change it to user info let me do command s and also let me go to result page not the result page process email page and right here also i need to paste i need to change the session attribute name and hopefully 100 percent the things will work right now i'm damn sure about it let's say a village calculate uh send result to email and there you go hi obilash and if i write something right here send and again it will say hiyabila so right now you can see how simple the session attribute is to use so only thing you need to make sure is whenever you are adding the session attribute right here this should be your model object name and if you want you can add multiple objects right here let's say there are multiple model attributes you are using right here so you can use a curly brace right here and you can keep adding your attributes just like this because model attributes basically takes an array if you have multiple model attributes you can keep adding your attributes just like this and you can access all these attributes right there inside your jsp page right and if you see right now i have only this piece of code and this particular piece of code basically pushing this particular object user info to session and wherever i want it i am actually using it by directly calling uh the object based on the reference called userinfo and this is pretty nice isn't it and it's session attributes right now does the trick for us okay guys so so far we have learned the add session attribute but do not get an assumption that you have learned the accession attribute pretty well because this particular annotation is really really tricky so if you talk about the 8th session attribute is just not a normal spring mbc annotation the 8th session attributes works in a different way very it is a very important annotation and as a developer as a spring developer it is very very important that you should understand the add session attribute whatever we learned so far it is nothing we are just putting the model attribute name just right here and again we are taking this variable name and wherever we want we are just accessing it this is very simple but there are a lot of loophole and if you do not know it then it is going to be really really challenging to fix some bugs or it will put you into some serious trouble so it is better that we'll talk about the air session attributes um in a different episode and we will you know spend around a hour or one and a half hour only talking about this particular annotation because it is important and then again we will start developing our application right now we are basically done a very good job we only need to give the implementation for this email because we need to send email in real right it's not some kind of just dummy pages and also we need to have a logic to calculate this particular this particular result so let me stop this video right now and again i'm going to shoot it after 5 or 10 minutes so bye bye till then and do like if you are liking it and also do subscribe if you want and also follow me on instagram if you want like my facebook page also if you want and also join the selenium express support facebook group if you have any question okay so enough of promotion i'll see you after a while take care till then bye bye and happy coding [Music] [Music] so [Music] you

Info

Channel: Selenium Express

Views: 42,152

Rating: undefined out of 5

Keywords: java session, cookies java, spring mvc session management, session in spring mvc, httpsession in java, difference between cookies and session, how cookies work in session handling, @sessionattributes in spring mvc, @sessionattributes, java session management, @cookievalue, session timeout, spring mvc, spring mvc tutorial, spring boot mvc, spring boot web application, selenium express, HttpSessionRequiredException, ModelAttribute and SessionAttributes, SessionAttributes, abhilash

Id: cpFfzE9eGT0

Channel Id: undefined

Length: 103min 18sec (6198 seconds)

Published: Sun Aug 23 2020