[SCWCD] Cram Sheet 3 – session management

April 20, 2008


Chapter 6 Session Management

Session

HttpSession ss = request.getSession();
ss.isNew(); // <== return True if just created.

  • JSESSIONID cookie name is used for session management. Its automatically done by Container.
  • request.getSession(false); // Do not create new session. Only get preexisting session.
  • request.getSession(true); // Create new session. Same as the getSession()
  • HttpSessionEvent or HttpSessionBindingEvent have getSession() function.
  • If cookie is disabled, isNew will always return TRUE
  • URL writing : if client does not support cookie, container automatically use URL rewriting for session support. It adds ";jsessionid=1234567" at the end of the URL. However you need to use response.encodeURL("/test.do") to print the URL or response.encodeRedirectURL("/test.do") for redirect

Session Methods

  • getCreationTime()
  • getLastAccessedTime()
  • setMaxInactiveInterval() : max time to keep the session in Seconds. Negative value ==> session never timeout
  • getMaxInactiveInterval()
  • invalidate() : Ends the session. Session ID no longer exists and attributes are removed.

DD : Define Max Session time in minutes.

<session-config>
	<session-timeout>15</session-timeout> 
</session-config>

For DD session-timeout value, 0 or negative means ==> Session never expires (little bit different from setMaxInactiveInterval )

Cookie


* Setting cookie
Cookie ck = new Cookie("Name","Value");
ck.setMaxAge(30*60); // Negative Value ==> Cookie will be deleted when browser exits. Zero value causes cookie to be deleted
response.addCookie(ck); //There is no setCookie()

*Getting cookie : you will have to get array of cookies and find the correct cookie checking each one.
Cookie[] cks =request.getCookies(); // There is no getCookie(”Name”);

* You need to define Listeners in DD except HttpSessionBindingListener.

* HttpSessionActivationListener : used when session is moving through VM
A container is required to migrate Serializable attribute but a container is not require to use serialization. Two ways to guarantee serialization are
==> Make attribute class type serializable Or Implement HttpSessionActivationListener.

* HttpSessionBindingEvent has getSession(), getName(), and getValue()

  • getName() returns the String name of the attribute that triggered the event.
  • getValue() returns the object value of the attribute that triggered the event. But it returns the OLD value!

(*) Next: [SCWCD] Cram Sheet 4 – using JSP

Share and Enjoy:
  • DZone
  • Twitter
  • Technorati
  • Reddit
  • Digg
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Diigo
Posted by HanaDaddy Filed in java
Tags: ,
1 Comment »


One Response to “[SCWCD] Cram Sheet 3 – session management”

  1.   Remember the code? » Blog Archive » [SCWCD] Cram Sheet 2 - attribute and listeners Says:
    May 13th, 2008 at 10:46 pm

    [...] Next: [SCWCD] Cram Sheet 3 – session management Posted by HanaDaddy Filed in java Tags: java, SCWCD [...]

Leave a Reply