Servlet API will use one of the underlying traditional mechanisms like cookies, URL rewriting, but that will happen behind the scenes and you need not worry about it!
Every request is associated with an Http Session object.
An important note to you, session is not a bullock cart.
It should be used sparingly for light weight objects. Http Session should be used for session management and not as a database.
At the end of that article I have given a preview about “5. An elite way to manage the session in servlets is to use API.
Any web server supporting servlets will eventually have to implement the servlet API.
The default session timeout can be changed by two ways1. Programatically But when to use configuration and when set it Programatically ?
This setting will set timeout to 15 minutes globally to all sessions to be created by web container.
It can be retrieved using get Session(boolean create) available in Http Servlet Request.
It returns the current Http Session associated with this request or, if there is no current session and create is true, and then returns a new session.
In a previous article I discussed about methods used for session tracking.
It has fundamental information about what a session is and how to manage it. Just to recap, session is a conversion between a server and a client.
set Attribute(String name, Object value) adds an object to the session, using the name specified.