Results 1 to 13 of 13
  1. #1
    java_on_fire is offline Member
    Join Date
    Mar 2010
    Posts
    19
    Rep Power
    0

    Default Using HttpSession in JSP

    Hello all again,

    Something i'm not understanding. I have two JSP pages, index.jsp that submits to servlet A and result.jsp that gets the (request, response) through RequestDispatcher from servlet A. In servlet A, i get a session from HttpSession and set its attribute with a user name parameter i get from index.jsp.

    When i test above application with Internet Explorer cookies disabled by writing this simple line of code <%= session.getAttribute("username")%> in the result.jsp, the result.jsp page shows me the input from the index page? how so? shouldn't the output from the result.jsp page be null because cookies were disabled and i didn't use URL rewriting!!

    Thanks.

  2. #2
    travishein's Avatar
    travishein is offline Senior Member
    Join Date
    Sep 2009
    Location
    Canada
    Posts
    684
    Rep Power
    5

    Default

    well, when you do server side forwarding thru the request dispatcher it kind of internally chains the request from the servlet to the result.jsp, so each and every time the browser without cookies hits the index.jsp, a new session would be created, and the value on the form is just passed on to the result.jsp. (hint: use the tomcat manager application, if you have it enabled, you should be able to see the number of sessions for your webapp increase with each page hit from the browser)
    so its not really a session, hitting reload on the result.jsp should likely show null now right.

  3. #3
    java_on_fire is offline Member
    Join Date
    Mar 2010
    Posts
    19
    Rep Power
    0

    Default

    Quote Originally Posted by travishein View Post
    well, when you do server side forwarding thru the request dispatcher it kind of internally chains the request from the servlet to the result.jsp, so each and every time the browser without cookies hits the index.jsp, a new session would be created, and the value on the form is just passed on to the result.jsp. (hint: use the tomcat manager application, if you have it enabled, you should be able to see the number of sessions for your webapp increase with each page hit from the browser)
    so its not really a session, hitting reload on the result.jsp should likely show null now right.
    What I understood from using the HttpSession that the first time you use request.getSession() the container will check for an existing session ID sent in the request header from the browser if one doesn’t exist then container will create a new session and use cookie to send new session ID in the response header so the client can send that session ID next time it makes the request.

    I was experimenting with this yesterday and instead of forwarding the (request, response) to the JSP, I used the PrintWriter inside my servlet and the result.jsp showed null!?

  4. #4
    arun9683 is offline Member
    Join Date
    Jun 2010
    Location
    Bangalore,India
    Posts
    70
    Rep Power
    0

    Default

    Session is server side and cookie is client side.. When you start an application inbuilt session is created which will expire in 30 min(default) or you need to explicitly invalidate the session.
    Arun K R,Bangalore,India
    :)

  5. #5
    java_on_fire is offline Member
    Join Date
    Mar 2010
    Posts
    19
    Rep Power
    0

    Default

    Quote Originally Posted by arun9683 View Post
    Session is server side and cookie is client side.. When you start an application inbuilt session is created which will expire in 30 min(default) or you need to explicitly invalidate the session.
    hmmm, possibility but i still need to know with cookies disabled and no URL writing how would the container do the session work and internally pass the jsessionid when using forward of the RequestDispatcher?

    Thanks.

    update: How come when i used the PrintWriter the container didn't use the default built in session! because the result.jsp showed null when i had cookies disabled with no URL rewriting.

  6. #6
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    11,450
    Rep Power
    18

    Default

    It doesn't need to know.
    Forward maintains the session, as said above...I don't quite see what it is you're having problems with?

  7. #7
    java_on_fire is offline Member
    Join Date
    Mar 2010
    Posts
    19
    Rep Power
    0

    Default

    Quote Originally Posted by Tolls View Post
    It doesn't need to know.
    Forward maintains the session, as said above...I don't quite see what it is you're having problems with?
    Tolls,
    I wanted to understand when using forward, how is the container doing the jsessionid in the reponse when cookies are disabled and no URL rewriting but jsp still get the value in the session.getAttribute("something")? but apparently forward is taking care of that.

    Another question Tolls,
    last night i was doing an HttpSessionListener example, when i opened a new browser or a new tab in the same browser *IE* the sessioncounter++ remains 1, but when i opened a different browser *firefox* the sessioncounter++ will be 2, how do you explain this? is that normal?
    Last edited by java_on_fire; 07-22-2010 at 04:21 PM.

  8. #8
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    11,450
    Rep Power
    18

    Default

    You forward to the JSP, but you still haven't left the server. It's no different (frankly) to a method call. It doesn't go to the client so cookies and URL rewriting is irrelevant.

    As for your other question, with or without cookies?

  9. #9
    java_on_fire is offline Member
    Join Date
    Mar 2010
    Posts
    19
    Rep Power
    0

    Default

    Quote Originally Posted by Tolls View Post
    You forward to the JSP, but you still haven't left the server. It's no different (frankly) to a method call. It doesn't go to the client so cookies and URL rewriting is irrelevant.

    As for your other question, with or without cookies?
    with cookies enabled.

    Thanks.

  10. #10
    java_on_fire is offline Member
    Join Date
    Mar 2010
    Posts
    19
    Rep Power
    0

    Default

    Quote Originally Posted by Tolls View Post
    You forward to the JSP, but you still haven't left the server. It's no different (frankly) to a method call. It doesn't go to the client so cookies and URL rewriting is irrelevant.
    Tolls, you just made my day, thank you thank you thank you.

  11. #11
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    11,450
    Rep Power
    18

    Default

    OK, then it'll be the same session on IE, but since Firefox doesn't share the same cookies as IE there isn't a session cookie available, so it creates a new session.

    So IE has one session (and cookie), and Firefox has another one.

  12. #12
    java_on_fire is offline Member
    Join Date
    Mar 2010
    Posts
    19
    Rep Power
    0

    Default

    Quote Originally Posted by Tolls View Post
    OK, then it'll be the same session on IE, but since Firefox doesn't share the same cookies as IE there isn't a session cookie available, so it creates a new session.

    So IE has one session (and cookie), and Firefox has another one.
    Tolls, i don't know how to thank you but you're the reason i'm now moving forward with studying. God bless.

  13. #13
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    11,450
    Rep Power
    18

Similar Threads

  1. Servlets and HttpSession
    By DC200 in forum New To Java
    Replies: 5
    Last Post: 11-16-2009, 01:35 PM
  2. Security in HttpSession [Discussion]
    By mtz1406 in forum Java Servlet
    Replies: 3
    Last Post: 11-19-2008, 12:37 AM
  3. How to retrieve HttpSession from axis 2.0.
    By snooze-g in forum Advanced Java
    Replies: 0
    Last Post: 10-02-2007, 07:08 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •