GeeCON Prague 2014*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Session Variable Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Session Variable" Watch "Session Variable" New topic
Author

Session Variable

Naresh Chaurasia
Ranch Hand

Joined: May 18, 2005
Posts: 356
Hi,
Is it possible to share a session variable across two different applications. If yes, how can we achieve it.

thnx in advance

N Chaurasia


SCJP 1.4, SCWCD1.4, OCA(1Z0-007)
Joice Jose
Greenhorn

Joined: Jun 29, 2005
Posts: 14
Hi Chaurasia,

Session level variables are not even accessible to other users in the same application. Then it is not possible to access it out side the application.

Regards,
Joice
John Wolf
Ranch Hand

Joined: Feb 18, 2002
Posts: 64
Chaurasia,

I think session attributes can used in multiple JVMs of the application by implementing the HttpSessionActivationListener. Read some more on this...
Narendra Dhande
Ranch Hand

Joined: Dec 04, 2004
Posts: 950
Hi Sumit,

I think session attributes can used in multiple JVMs of the application by implementing the HttpSessionActivationListener.


It is not required to implement this interface to share the attributes across differnt JVMs. The session always active only in one JVM at a time. The session can be migrated to different JVM according to Servlet Spec. The listeners only catch the events related to session.

The session object scoped at application level so it can be used in diff JVM in distributed environment, but not for diff. applications.

Thanks


Narendra Dhande
SCJP 1.4,SCWCD 1.4, SCBCD 5.0, SCDJWS 5.0, SCEA 5.0
John Wolf
Ranch Hand

Joined: Feb 18, 2002
Posts: 64
Narendra,

True True... I am little confused on what you meant by the following: -

It is not required to implement this interface to share the attributes across differnt JVMs.


What other way could you share session attributes across multilple JVMs without implementing the HttpSessionActivationListener?
Anand Wadhwani
Ranch Hand

Joined: Mar 21, 2005
Posts: 151
If I understand correctly we are discussing in wrong direction.

The question originally asked here is:

Is it possible to share a session variable across two different applications?


The question does not talks about multiple JVM, but multiple applications.

My answer to both questions (multiple applications, multiple JVMs) is YES.

Yes we can share the same session across multiple web applications and multiple JVMs as long as we are able to pass through session token across.

response.sendRedirect(response.encodeRedirectURL("http://someapp.com/someResourceAbsoluteURL"))

can be used to pass through the session id to different applications. And if cookies are enabled, and session tracking is being done using cookie, then url encoding is not reqquired, browser automatically attaches the cookie with request before sending to same/another application as long as application shares the same domain, i.e. http://app1.mycompany.com/App1/servlet1 and http://app2.mycompany.com/App2/servlet2

can share the same cookie, both applications would have to set the domain of cookie to "mycompany.com" in order to share the cookie across multiple applications.

Another point mentioned here was:

Session level variables are not even accessible to other users in the same application. Then it is not possible to access it out side the application.


This is incorrect. A user may navigate to different application from the same browser and the two application can talk to each other in user's context i.e. session. For example multiple applications of same company requiring "single sign-on"!

Now, coming to sharing session across JVMs, yes it can be done. We can passivate the session and activate it on other JVMs by making all our session attributes serializable. All this happens automatically by using HttpSessionActivationListener as Sumit / Narendra mentioned.

Hope this helps.
[ July 05, 2005: Message edited by: Anand Wadhwani ]

SCWCD 1.4<br />---------------------<br />Ability is what you're capable of. <br />Motivation determines what you do. <br />Attitude determines how well you do it.<br />---------------------
Naresh Chaurasia
Ranch Hand

Joined: May 18, 2005
Posts: 356
Hi Anand,

I have tried using a session variable across two different Applications.

App1 has the following code :

public class CrossAppSession extends HttpServlet{
public void init(ServletConfig sc)throws ServletException{
super.init(sc);
}

public void doGet(HttpServletRequest req,HttpServletResponse res) throws ServletException,IOException{

PrintWriter out = res.getWriter();
HttpSession session = req.getSession();

session.setAttribute("hello","hello oltas");
res.sendRedirect(res.encodeRedirectURL("http://172.16.80.22:7501/OLTAS/index.jsp"));

}
}


In the above code i am setting hello attribute.



App2 has the following code :

<%
session = request.getSession(true);
String str = (String) session.getAttribute("hello");
%>


<%=str%>
<html>
from App1
</html>




The value of str is null. i.e the App2 is not able to read the session attribute set in App1, then how come the session can be used across different applications.

thnx in advance
Narendra Dhande
Ranch Hand

Joined: Dec 04, 2004
Posts: 950
Hi all,

Yes, it is not possible to share a session variables ( or session) across different applications alteast using standard servlet specs. because the session object is scoped at the application level .

Another question that sharing of attributes across diff JVMs for same application. If you go through spec. it is mentioned that the session migration is provided by the specs itself under certiaon conditions ( e.g. Spec gurantees to migrates all the session attributes which implement serializable interface). The Session listeners are required only if we want to catch the events like when the session is created or attribute is added or removed for logging and other purpose. The Listeners itself not handle the migration mechanism, they only catch the related events.
Do you require HttpSessionListener to create a session ? it only caches the events. The same is true about the Activation Listeners.

I hope I am not cofusing you all.

Thanks
[ July 06, 2005: Message edited by: Narendra Dhande ]
 
GeeCON Prague 2014
 
subject: Session Variable