I have two web application related questions:
i) If a web application contains two servlets and a customer accesses these two servlets using proper URLs, how many sessions are created? One or two?
ii) Could one use HTTPS for one servlet and not for the other? Does this make sense?
Thanks!
i) If a web application contains two servlets and a customer accesses these two servlets using proper URLs, how many sessions are created? One or two?
One customer always creates one session to the web application with one browser - so whether he accesses one servlet or many, they are all part of the same HttpSession - until the session times out. i.e. idle time
ii) Could one use HTTPS for one servlet and not for the other? Does this make sense?
Yes you can can configure the url-pattern for https to include one servlet and keep the other outside of it, that is absolutely possible - but it depends on the sensitivity of your page. the usual rule-of-thumb some follow is, if you have any page which is sensitive enough for https, then why not the whole app on https.
