DEV Community

Prasanth
Prasanth

Posted on

HttpSession

What is HttpSession?

  • HttpSession is a part of Java’s Servlet API that helps a web application temporarily store and remember user-specific data (like name, email, role, etc.) across multiple requests (pages).

  • Httpsession is used store data per user across multiple Http request(like web app remember a user's data while they move between pages)
    .it helps for spring boot remember a user between requests/pages like a temporary memory for each logged in user.

  • Httpsession is interface ,

  • memory Location: server side

  • Timeout duration: Default 30 min

  • Store format:key-value(string-object)

  • Real-life usage:Login.cart,dashboard,preferences.

when user login in , you can store their name in the session:
session.setAttribute("key", value);
session.setAttribute("username", "Prasanth");
Later, another method ,you can get it back:
String name = (String) session.getAttribute("username");
session.getAttribute("key");

  • Even though user movers between pages, their name stays stored in the session , until that user log out or session expires.

why to use HttpSession?

  • Because Http is stateless -> like by default , each request does not remember anything about previous ones.
    so we use HttpSession to:
    useCase:-

  • user login -> keep user info save across pages

  • shoppig cart -> store selected item temporarily.

  • preference -> store user setting ,them,laguage

  • Prevent re-login -> Avoid asking for details again and agian.

Why HttpSession Is Useful?

  • Avoids using database for every small detail
  • Works even if user switches pages
  • Fast, lightweight, temporary (auto clears after timeout)

With Session?

  • You log in once, and your info is remembered until you:
  1. Logout Or close the browser Or session times out

Stores data like:

  • username
  • user ID
  • shopping cart
  • user preference

Without Session?

  • Every page would forget who you are.
  • You’d have to log in again and again

Example:

  • You visit a login page → enter name → click login
  • The next page doesn't remember what you did earlier unless you store it (like using HttpSession)


Features of HttpSession:

  • Stores user data => Temporarily stores data for each user (e.g., login info, cart)
  • Unique per user => Each user gets a separate session
  • Set & get values => You can store and retrieve values using setAttribute / getAttribute
  • Auto session ID=>Automatically assigns a unique session ID to each user Secure Can be configured to expire or invalidate when needed.

Where is it stored?

  • Data is stored on the server side (in RAM or temporary session storage)
  • Only the session ID is sent to the client (browser) via a cookie.

Duration of Session (Timeout)
Type:-

  1. Default timeout=>Usually 30 minutes (can be changed in configuration)
  2. Manually expired =>You can call session.invalidate(); to end the session 3.Configurable Set time using session.setMaxInactiveInterval(600); // 10 min

Where it comes from?

  • HttpSession is an interface

    Comes from the jakarta.servlet.http.HttpSession package
    (Earlier it was javax.servlet.http.HttpSession)

How to use it?
// Store data
session.setAttribute("username", "Prasanth");

// Get data
String name = (String) session.getAttribute("username");

// Remove data
session.removeAttribute("username");

// Invalidate session
session.invalidate();

Top comments (0)