Want to know how a request is processed by multiple servers maintaining the same user session.
For example: We log-in to IRCTC and try to book a ticket. During payment IRCTC lists out multiple bank options with radio buttons for online transaction. Assuming that I decide to do transaction using CITI bank, when I click on CITI Bank radio button I am redirected to CITI Bank website transaction page i.e you will see URL is switched from IRCTC Website to CITI Bank URL. It means I am completely out of IRCTC and switched to CITI BANK website. Now when my payment transaction is completed, I am switched back to IRCTC website from CITI Bank website WITHOUT ENDING THE USER SESSION i.e when I am switched back from CITI bank URL to IRCTC after completing transaction the user session is maintained in logged-in state.
I would like to know how this works.
I am using Struts frame work. Kindly help me in this regard and implementing the same with some examples.
Assuming IRCTC using struts (Jsp/Servlets), which struts component takes the resposibility to send the details of IRCTC to Citi bank and recieve back detials form CITI bank to IRCTC. Is it possible using Requestdispacter.sendRedirect() OR somthing else ?
Thanks,
The session management server records various session information, including: session inactivity and lifetime timeout information, login activity, and concurrent log in information. The session management server records session statistics information, such as the number of users that are currently logged in.
Sessions are maintained automatically by a session cookie that is sent to the client when the session is first created. The session cookie contains the session ID, which identifies the client to the browser on each successive interaction.
A session ID, also known as a session token, is a unique number ID assigned by a website server to a specific user for the duration the user is on the website. This session ID's storage is in the form of a cookie, form field, or URL. Each time a user opens a web browser and visits a website, a session ID is generated.
Session management refers to the process of securely handling multiple requests to a web-based application or service from a single user or entity. Websites and browsers use HTTP to communicate, and a session is a series of HTTP requests and transactions initiated by the same user.
There is something called session replication. It is used in clusters to have all cluster nodes use the same session information. Read the linked site or other resources on how session replication works, if you're curious.
But the systems don't need to share a whole session object. In your case it looks like you're leaving one server and later come back without any special session treatment. The session was just never closed. As if you'd log in in to your favorite web mail site, then move to a completely different page and go back to your web mail site. The session is still there. You're still logged in.
So probably IRCTC site passes some information to the CITI bank site which is required for CITI to process the request along with a token (just a number in the simplest case). When CITI bank is done it calls a IRCTC server with the result code and the token. Using the token the IRCTC server can associate the result code with your session. Then CITI bank just redirects your browser to a IRCTC page. The server there has a updated session an can present you the next page in your order process.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With