Web Technologies Lecture 6 State preservation. Motivation How to keep user data while navigating on a website? – Authenticate only once – Store wish list.

Slides:

Advertisements

Similar presentations

Web Programming 1 Darby Chang Web Programming. Cookie 2 Web Programming.

Advertisements

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

DT228/3 Web Development multi page applications/ sharing data.

15 Chapter 15 Web Database Development Database Systems: Design, Implementation, and Management, Fifth Edition, Rob and Coronel.

Outline IS400: Development of Business Applications on the Internet Fall 2004 Instructor: Dr. Boris Jukic Server Side Web Technologies: Part 1.

XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.

Does Ajax suck? CS575 Spring 2007 Chanwit Suebsureekul.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.

1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.

Web Browsers It is an application software that is used to display and interact with text, images and other information located on web pages at web sites.

Web Programming Language Dr. Ken Cosh Week 1 (Introduction)

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.

Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.

Chapter 25 Utilizing Web Storage.

FALL 2005CSI 4118 – UNIVERSITY OF OTTAWA1 Part 4 Web technologies: HTTP, CGI, PHP,Java applets)

Comp2513 Forms and CGI Server Applications Daniel L. Silver, Ph.D.

Chapter 16 The World Wide Web Chapter Goals Compare and contrast the Internet and the World Wide Web Describe general Web processing Describe several.

思科网络技术学院理事会. 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

Chapter 16 The World Wide Web. 2 The Web An infrastructure of information combined and the network software used to access it Web page A document that.

About Dynamic Sites (Front End / Back End Implementations) by Janssen & Associates Affordable Website Solutions for Individuals and Small Businesses.

Working with Cookies Managing Data in a Web Site Using JavaScript Cookies* *Check and comply with the current legislation regarding handling cookies.

CSE 154 LECTURE 12: COOKIES. Including files: include include("filename"); PHP include("header.html"); include("shared-code.php"); PHP inserts the entire.

CS453: State in Web Applications (Part 1) State in General Sessions (esp. in PHP) Prof. Tom Horton.

20-753: Fundamentals of Web Programming Copyright © 1999, Carnegie Mellon. All Rights Reserved. 1 Lecture 7: HTTP and CGI Fundamentals of Web Programming.

Chapter 8 Cookies And Security JavaScript, Third Edition.

12/3/2012ISC329 Isabelle Bichindaritz1 PHP and MySQL Advanced Features.

Session Tracking - 2 Lec 32. Last Lecture Review  Session Tracking – why?  Need to store state – typical solutions Cookies – already learned URL Rewriting.

1 Maryland ColdFusion User Group Session Management December 2001 Michael Schuler

Chapter 6 Server-side Programming: Java Servlets

SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.

STATE MANAGEMENT.  Web Applications are based on stateless HTTP protocol which does not retain any information about user requests  The concept of state.

Lecture 9: AJAX, Javascript review..  AJAX  Synchronous vs. asynchronous browsing.  Refreshing only “part of a page” from a URL.  Frameworks: Prototype,

® IBM Software Group © 2007 IBM Corporation Best Practices for Session Management

Web Database Programming Week 7 Session Management & Authentication.

Cookies and Sessions IDIA 618 Fall 2014 Bridget M. Blodgett.

Maintaining Application State MIS3502: Application Integration and Evaluation Paul Weinberg Presentation by David Schuff.

Cookies Bill Chu. © Bei-Tseng Chu Aug 2000 Definition A cookie is a TEXT object of max 4KB sent from a web server to a browser It is intended for the.

Chapter 29 World Wide Web & Browsing World Wide Web (WWW) is a distributed hypermedia (hypertext & graphics) on-line repository of information that users.

The Problem of State. We will look at… Sometimes web development is just plain weird! Internet / World Wide Web Aspects of their operation The role of.

CP476 Internet Computing CGI1 Cookie –Cookie is a mechanism for a web server recall info of accessing of a client browser –A cookie is an object sent by.

Web Technologies Lecture 8 Server side web. Client Side vs. Server Side Web Client-side code executes on the end-user's computer, usually within a web.

Internet Applications (Cont’d) Basic Internet Applications – World Wide Web (WWW) Browser Architecture Static Documents Dynamic Documents Active Documents.

Summer 2007 Florida Atlantic University Department of Computer Science & Engineering COP 4814 – Web Services Dr. Roy Levow Part 1 – Introducing Ajax.

Fundamentals of Web DevelopmentRandy Connolly and Ricardo HoarFundamentals of Web DevelopmentRandy Connolly and Ricardo Hoar Fundamentals of Web DevelopmentRandy.

1 State and Session Management HTTP is a stateless protocol – it has no memory of prior connections and cannot distinguish one request from another. The.

ISDS 4120 Project 1 DWAYNE CARRAL JR 3/27/15. There are seven layers which make up the OSI (Open Systems Interconnection Model) which is the model for.

October 7 th, 2010 SDU Webship. What did we learn last week? jQuery makes it really easy to select elements and do stuff with them. jQuery can process.

Computer Network Architecture Lecture 6: OSI Model Layers Examples 1 20/12/2012.

1 Chapter 22 World Wide Web (HTTP) Chapter 22 World Wide Web (HTTP) Mi-Jung Choi Dept. of Computer Science and Engineering

ASP.NET WEB Applications. ASP.NET  Web application framework developed by Microsoft  Build dynamic data driven web applications and web services  Subset.

Distributed Web Systems Cookies and Session Tracking Lecturer Department University.

111 State Management Beginning ASP.NET in C# and VB Chapter 4 Pages

VIRTUAL NETWORK COMPUTING SUBMITTED BY:- Ankur Yadav Ashish Solanki Charu Swaroop Harsha Jain.

National College of Science & Information Technology.

Cookies Tutorial Cavisson Systems Inc..

Web Programming Language

World Wide Web policy.

PHP / MySQL Introduction

What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.

The Application Lifecycle

Web Systems Development (CSC-215)

HTML5 and Local Storage.

Web Programming Language

CSc 337 Lecture 27: Cookies.

[Based in part on SWE 432 and SWE 632 materials by Jeff Offutt, GMU]

Information Retrieval and Web Design

CSc 337 Lecture 25: Cookies.

Presentation transcript:

Web Technologies Lecture 6 State preservation

Motivation How to keep user data while navigating on a website? – Authenticate only once – Store wish list or shopping cart items while browsing an online shop – Remember user preferences when displaying a page

Stateless vs. stateful State – a set of conditions at a moment of time – Computers are inherently stateful in operation Describe whether or not a computer is designed to note and remember one or more preceding events in a sequence of interactions Stateful means that a computer keeps track of the state of interaction Stateless means that no record of previous interactions are kept and that each interaction request is handled solely based on information that comes with it

Sessions A semi-permanent interactive information interchange Set up or established at a certain point in time Basic requirement to perform connection- oriented communication Enables stateful communication

Stateless protocol Protocol that treats each request as an independent transaction Communication consists of a paired request- responses It does not require the server to retain session information Examples – IP – HTTP

Stateful protocol Requires keeping the internal state on the server Examples – FTP During a session the user provides authentication details and sets various variables All details are stored on the server as part of the user state

Pros and cons Advantages of stateless communication – Simplifies the server design – No need to dynamically allocate storage – If client dies in mid-connection no need to clean up the state However – Requires additional information in every request – The information needs to be processed on the server

Stateful HTTP Keep information between different requests Useful in many cases – Stores user information when navigating a website Authentication credentials Shopping cart items Search preferences HTTP is stateless  need artificial constructs – Hidden form variables – HTTP Cookies – Web Storage (HTML 5) – Server side session variables – URL rewriting using URI-encoded parameters

Client side web sessions State information is kept on the client Approaches – Hidden variables – Cookies Format: cookieName=cookieValue Handled using Javascript document.cookie="username=John Doe; expires=Thu, 18 Dec :00:00 UTC";

Data flow 1.Server sends current state to client 2.Client stores state in a cookie – In memory – On disk 3.For each successive request client sends cookie information to server 4.Server uses cookie data to remember the state of the web application

Client side issues Prone to tempering from user or locally installed software When confidentiality and integrity is required – Only the server must be able to interpret the data – Only the server should manipulate data – Only the server should initiate valid sessions – Encryption is required Cookies should be small to avoid communication overhead – Data compression may be needed for large session data Logout not fully implemented – Clients can drop cookies but data can be resent by the server

Web storage Alternative to cookies Implemented in HTML 5 Advantages – Security – Can store more data than a cookie (>5Mb) – Information is never transferred to the server – Local storage is per origin All pages from one origin can store and access the same data

Using web storage localStorage object localStorage.setItem("lastname", "Smith"); var name = localStorage.getItem(“lastname”); localStorage.removeItem("lastname"); sessionStorage object – Similar methods to localStorage – It keeps data only for the current session If the tab is closed data is lost

Server side web sessions Full control of the session – Can terminate a session on demand Existing frameworks can reduce the amount of code to handle sessions – Apache Shiro Can handle larger data than a cookie Only reference to session ID is sent over HTTP as a cookie Implementation can change independent on client

Server side issues More points of failures – If DB is down sessions cannot by created, updated, or validated More overhead in handling sessions – Requires asynchronous DB write Web applications can only verify a session by communicating with the server

What’s next? AJAX – Synchronous vs. asynchronous JQUERY Server side programming Web services Cloud computing