How to manager HTTP Session in JSP Servlet?

Since HTTP is a stateless protocol its not possible to identify that two separate HTTP request is coming from same client and HTTP session management handle that issue for us. By maintaining a session for each client at the Server side, we can serve the client better, for example, you can store authentication and authorization information in session to prevent authenticating client for each HTTP request like in an online banking system, a session is created when a user is successful authenticated and session is maintained at server untile clients logout or session times out. If you have to write such online banking system using Java and Java EE technologies like Servlet and JSP then main question arises is how to do session management in JSP?

There are mainly three ways to manage session in JSP applications 1) using hidden html fields 2) using Cookie and 3) using URL rewriting. In Cookie small piece of information is stored in client machine but User can turn off this option and may be there is case of browser not supporting cookies, on all those cases URL rewriting is the best option to manage session in JSP Servlet application. JSTL core tag library provides tag which can encode URL for managing session.