A session can be defined as a number of requests made by a particular client over a period of time.

Session management keeps track of information about a web user within a session, such as the number of requests.

Java session management is helpful for storing user information, for application security and for timing out a session.

Improper authentication and session management lets attackers steal passwords, keys and session tokens, which results in disclosure of the user’s identity.

  1. A session can be defined as a conversation between a server and a client.
  2. When there is a series of continuous requests and responses from the same client to a server, the server cannot identify which client the requests come from, because HTTP is a stateless protocol.
  3. When there is a need to maintain the conversational state, session tracking is needed.
  4. Different methods of session tracking include cookies, URL rewriting, hidden fields and session objects.
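
The following is an added example, not code from the original page: a JDK-only model of cookie-based session tracking that keeps a per-session request count, enforces an idle timeout, and issues an unguessable session ID. The class name `SessionStore`, the cookie name `SID`, the 15-minute timeout and the timestamps are assumptions chosen for illustration.

```java
import java.security.SecureRandom;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.HashMap;
// Added example: SessionStore and the SID cookie name are hypothetical.
public class SessionStore {
    static final class Session {
        int requestCount;   // state the server keeps between requests
        Instant lastSeen;
        Session(Instant now) { lastSeen = now; }
    }
    private final HashMap<String, Session> sessions = new HashMap<>();
    private final SecureRandom rng = new SecureRandom();
    private final Duration idleTimeout;
    SessionStore(Duration idleTimeout) { this.idleTimeout = idleTimeout; }
    // Issue an unguessable ID: 128 bits from a CSPRNG, URL-safe encoded.
    synchronized String create(Instant now) {
        byte[] raw = new byte[16];
        rng.nextBytes(raw);
        String id = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        sessions.put(id, new Session(now));
        return id;
    }
    // Resolve the ID a request carries; null if unknown or idle past the timeout.
    synchronized Session touch(String id, Instant now) {
        Session s = sessions.get(id);
        if (s == null) return null;
        if (Duration.between(s.lastSeen, now).compareTo(idleTimeout) > 0) {
            sessions.remove(id);   // expired: discard server-side state
            return null;
        }
        s.lastSeen = now;
        s.requestCount++;
        return s;
    }
    // HttpOnly and Secure keep the ID from page scripts and cleartext HTTP.
    static String setCookie(String id) {
        return "Set-Cookie: SID=" + id + "; Path=/; HttpOnly; Secure; SameSite=Lax";
    }
    public static void main(String[] args) {
        SessionStore store = new SessionStore(Duration.ofMinutes(15));
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z");   // constructed clock
        String id = store.create(t0);
        System.out.println(setCookie(id));
        System.out.println(store.touch(id, t0.plusSeconds(60)).requestCount);
        System.out.println(store.touch(id, t0.plusSeconds(3600)));
    }
}
```

The second lookup arrives 59 minutes after the session was last used, so the store removes the entry and the request is treated as having no session.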