Session Management

public void doGet(HttpServletRequest req,HttpServletResponse res)throws
ServletException,IOException
{
HttpSession ses=req.getSession();
PrintWriter out=res.getWriter();
if(ses.isNew())
out.println("new session");
else
out.println("welcome back");
}
}

In the above example if the cookies are disabled then the program will always written new session.
But I've tried this program after disabling the cookies but it writtens welcome back when I refresh the window.How is it possible?

If cookies are disabled then container will automatically fall back for URL rewriting for session management.

Hope it helps

Yes, the container will fall back to URL Writing, but this is only if we write the code for it..

But I didn't write any code for URL rewriting.Can anyone try this program and tell what happens.

As far as i know the server first tries to use Cookie by default as a session tracking mechanism, if the cookies are disabled then it uses URL Rewriting by default. Hence in your case the session is still active.

Shrenik Sakriya

yeah that's right only if you use URL rewriting in your code.but I didn't use URL rewritig as I said before.

Your code works fine in my case, i.e. it only shows "new session" when refreshing the page and cookies are disabled (I'm using Firefox). Are you sure cookies are disabled in your browser? (just checking)
[ March 23, 2007: Message edited by: Johan Pelgrim ]

Originally posted by Shrenik Sakriya:
As far as i know the server first tries to use Cookie by default as a session tracking mechanism, if the cookies are disabled then it uses URL Rewriting by default. Hence in your case the session is still active.

Shrenik Sakriya

No. the server will use both at the first response if you did use URL rewriting in your code. if cookie is enabled, then subsequent responses will ignore URL rewriting in your code. otherwise, they will use URL rewriting.

Think about it. If hte server only uses cookie as default on the first response, what if the cookie is disabled by the user? then the next request comes in without any session id information, then the server will have to create a new session. This is certainly not what we want.

I tried firefox and the program works fine dispalying new session everytime.but it doesn't work with IE.can anyone tell me what's the problem.

Originally posted by Steve Jerome:
but it doesn't work with IE.can anyone tell me what's the problem.

IE?

Try flushing your cookies and then doing a refresh.

Originally posted by Sergio Tridente:

IE?

Try flushing your cookies and then doing a refresh.

IE-Internet Explorer.I've already tried deleting the cookies but no use.can anyone able to run the program in internet explorer?

I ran the program on IE 6. No problem faced. I kept 'Medium High' in the Privacy tab of Tools/Internet Options.

First time you get new session and when you refresh you get welcome back.

Originally posted by Sunder Ganapathy:
First time you get new session and when you refresh you get welcome back.

Actually the program runs fine and the output is what you are getting with cookies enabled.But the problem is running the program after disabling cookies(Read the first Question of the forum).When you disable cookies you should get only new session every time you refersh the browser.But instead welcome back is printing.

Apparently the difficulty you are having in IE is due to the way IE treats the localhost domain. I was able to repeat your problem and after some research uncovered this article:

http://www.techfeed.net/blog/index.cfm/2005/11/7/IE-cookies-and-localhost

It identifies the problem and then a comment on the blog gives the solution for testing... and not it's not always use firefox

Thanks Eaton for your solution.now my code works fine.