Published on

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. P R E S E N T E D B Y : D U R L A B H G I R I P U N J E A M I T K U M A R S I N G S A M I T K U M A R K A P A T A S H I F K H A N Stateless Protocol HTTP Request & Response Cycle Cookie, Session
  2. 2. Stateless Protocol • A protocol which is incapable of remembering the results and data associated with the transactions it governs. • The best - known stateless protocol is the HYPERTEXT TRANSFER PROTOCOL (HTTP).
  3. 3. Stateful Protocol • A protocol which is able to remember and store details of the transactions which it governs. • A good example of such a protocol is the FILE TRANSFER PROTOCOL (FTP) which, for example, remembers the identity of the client that is using it to DOWNLOAD files.
  4. 4. Stateless Protocol: Advantage & Disadvantage  Advantage: The stateless design simplifies the server design because there is no need to dynamically allocate storage to deal with conversations in progress.  Disadvantage: A disadvantage is that it may be necessary to include additional information in every request and this extra information will need to be interpreted by the server.
  5. 5. Working of Stateless Protocol
  6. 6. The most interesting pieces of information contained in the request are: The IP address of you and/or your HTTP proxy Which document you requested Which version of which browser you're using Which page you came from to get here (if you followed a link) Your preferred language(s)
  7. 7. COOKIE What is Cookie?  It is a piece of text stored by a user's web browser.  Cookie Types  By Lifespan - Session Cookies - Persistent Cookies
  8. 8. Setting a cookie Host: browser → server Content-type: text/html Set-Cookie: name=value (content of page) browser ← server Host: Cookie: name=value Accept: */* browser → server
  9. 9. Set a cookie setcookie(name [,value [,expire [,path [,domain [,secure]]]]]) name = cookie name value = data to store (string) expire = when the cookie expires. Default is that cookie expires when browser is closed. path = Path on the server domain = Domain at which the cookie is available for. secure = If cookie should be sent over HTTP connection only. Default false. Set-Cookie: name=newvalue; expires=date; path=/; Set-Cookie: RMID=732423sdfs73242; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/;
  10. 10. Advantage And Disadvantage of Cookies  Advantage  Acts as your identification card  It maintain the session between the client and server  Page will be displayed quickly  Disadvantage  Use as a spyware  Storage
  11. 11. Some facts of Cookie… Each cookie on the user’s computer is connected to a particular domain. Each cookie be used to store up to 4kB of data. A maximum of 20 cookies can be stored on a user’s PC per domain. Browsers are preprogrammed to allow a total of 300 Cookies, after which automatic deletion based on expiry date and usage
  12. 12. Session In computer science, in particular networking, a session is a semi- permanent interactive information interchange. It is also known as:- Dialogue Conversation or meeting. A session is between :- Two or more communicating devices A computer and user
  13. 13. A session may be implemented as part of protocols and services at the Application layer Ex-HTTP Sessions, TELNET remote login sessions Session layer A session initiation protocol based internet phone call Transport layer A TCP session which is synonyms of TCP connection or established TCP sockets.
  14. 14. Types of session Session implemented using software TCP sessions are typically implemented in software using multithreading. A new process or thread is created when the computer establishes or joins a Session. The advantage with multiple processes or threads is relaxed complexity of the software, since each thread is an instance with its own history and encapsulated variables. The disadvantage is large overhead in terms of system resources, and that the session may be interrupted if the system is restarted.
  15. 15. Server side web sessions Server-side sessions are handy and efficient, but can become difficult to handle in conjunction with load-balancing/high-availability systems and are not usable at all in embedded systems with no storage. The load-balancing problem can be solved by using shared storage. A method of using server-side sessions in systems without mass-storage is to reserve a portion of RAM for storage of session data. This method is applicable for servers with a limited number of clients (e.g. router or access point with infrequent or disallowed access to more than one client at a time).
  16. 16. Client side web sessions Client-side sessions use cookies and cryptographic techniques to maintain state without storing as much data on the server. When presenting a dynamic web page, the server sends the current state data to the client (web browser) in the form of a cookie. The client saves the cookie in memory or on disk. With each successive request, the client sends the cookie back to the server, and the server uses the data to "remember" the state of the application for that specific client and generate an appropriate response. To improve efficiency and allow for more session data, the server may compress the data before creating the cookie, decompressing it later when the cookie is returned by the client.
  17. 17. HTTP session token A session token is a unique identifier that is generated and sent from a server to a client to identify the current interaction session. The client usually stores and sends the token as an HTTP cookie and/or sends it as a parameter in GET or POST queries. The reason to use session tokens is that the client only has to handle the identifier—all session data is stored on the server (usually in a database, to which the client does not have direct access) linked to that identifier.
  18. 18. Thank You