wood burning stoves*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes session managment Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Reply locked New topic
Author

session managment

Naresh Chaurasia
Ranch Hand

Joined: May 18, 2005
Posts: 356
Hi,
If session has expired in my application, then if i say request.getSession() will it return null or new session object.


SCJP 1.4, SCWCD1.4, OCA(1Z0-007)
Marc Peabody
pie sneak
Sheriff

Joined: Feb 05, 2003
Posts: 4727

request.getSession() and request.getSession(true) should NEVER return null.

You'll get a new session.


A good workman is known by his tools.
Naresh Chaurasia
Ranch Hand

Joined: May 18, 2005
Posts: 356
hi Marc,
This is what i am trying to do.... i have configured my application to expire after 5 minutes....as a result ,





sessionDestroyed method if the above code is called... But after the call , i click on a link in my jsp, controll is transferred to servlet and in the servlet in say request.getSession(false) i am getting a new session object, although my session has timed out. I have tried the above by setting the parameter as true or false but in both cases it gives me new session object.........

I am expecting that if the session has expired request.getSession(false) should return null..
Marc Peabody
pie sneak
Sheriff

Joined: Feb 05, 2003
Posts: 4727

In that case, something else is creating a new session before the servlet code's request.getSession(false) is reached: a JSP, another servlet, or something.

Your mention of "control being transferred to the servlet" implies to me that the link does not go directly to the servlet. Is that true? If the link goes straight to the servlet there should be no problem.

Anyway, your best bet in the real world is usually to set up an Intercepting Filter. That way your session check is performed before any other code is reached. This can assure you that a new session is not accidentally created.
Naresh Chaurasia
Ranch Hand

Joined: May 18, 2005
Posts: 356
Marc,
i have posted a similar problem problem using getSession(boolean create) . If you have a look at it.. you will see that problem using getSession(false) is creating new session, though it should return null.
Marc Peabody
pie sneak
Sheriff

Joined: Feb 05, 2003
Posts: 4727

Continued
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: session managment
 
Similar Threads
Alternative to Cookie?
Advice on persisting complex state across multiple server trips
ASP
Session problem in NetBeans
Field set in action method coming null in JSP