aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes isNew can be tricky to trap us. (***info: have a look) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "isNew can be tricky to trap us. (***info: have a look)" Watch "isNew can be tricky to trap us. (***info: have a look)" New topic
Author

isNew can be tricky to trap us. (***info: have a look)

Srinivasan thoyyeti
Ranch Hand

Joined: Feb 15, 2007
Posts: 557
Hi Ranchers,

I would like to share this information very useful in exams I guess.
HttpSession API

isNew
public boolean isNew()
Returns true if the client does not yet know about the session or if the client chooses not to join the session.

For example, if the server used only cookie-based sessions, and the client had disabled the use of cookies, then a session would be new on each request.

Returns:
true if the server has created a session, but the client has not yet joined
Throws:
IllegalStateException - if this method is called on an already invalidated session


Have a toast


Thanks & Regards, T.Srinivasan
SCWCD 1.4(89%), SCJP 5.0(75%)
nitin pai
Ranch Hand

Joined: May 30, 2006
Posts: 185
I dont think its true.

If you have used session management in your application and the client has disabled the cookies then on the first request the server comes to know that the cookies are disabled through the header and this makes the server append a JSESSIONID to the header and sends back the response.

Any request sent by the client after this will have the JSESSIONID appended after to the requested URL. So when such request comes to the server then it automatically puts the client in the appropriate session, thats why I say that no new session is created even if the cookies are disabled.
[ August 20, 2007: Message edited by: nitin pai ]


Srinivasan thoyyeti
Ranch Hand

Joined: Feb 15, 2007
Posts: 557
Hi nitin,

I would like to know the source of your post.
Text book or online stuff.

nitin posted:
If you have used session management in your application and the client has disabled the cookies then on the first request the server comes to know that the cookies are disabled through the header and this makes the server append a JSESSIONID to the header and sends back the response.


Please try to answer this:

1. For the first request of client, How the server comes to know that cookie are disabled at client? any trick !

2. When exactly container knows that cookies are disabled at client,
and what fallback action it will take.

3. When cookies are used for session handling then whats the cookie name name it should use; and whats the URL param name it uses when URL re-rewriting is employed.

select one
1. JSESSIONID
2. jsessionid
[ August 20, 2007: Message edited by: Srinivasan thoyyeti ]
khushhal yadav
Ranch Hand

Joined: Jun 20, 2007
Posts: 242

Hi Srinivasan,

1. For the first request of client, How the server comes to know that cookie are disabled at client? any trick !


For first request, there is no way the server can make out whether cookies are abled or disabled. It's always the second request, which makes the server to realise this.

2. When exactly container knows that cookies are disabled at client, and what fallback action it will take.


There is no fallback action that server itself takes if cookies are disabled to maintain session. It's developer who himself/herself take care of such scenario by doing any of the following thing.
1. URL encoding
2. Use HTTPS(stateful protocol)
3. Or using hidden field.

Otherwise server by iteself won't be able to maintain session.

3. When cookies are used for session handling then whats the cookie name name it should use; and whats the URL param name it uses when URL re-rewriting is employed.


Name of cookie used to maintain sesion - JSESSIONID
Parameter encoded to URL in case of URL encoding - jsessionid

Regards,
Khushhal


rgrds,
Khushhal
nitin pai
Ranch Hand

Joined: May 30, 2006
Posts: 185
Srinivasan, Khushhal has made the point clear, which I was trying to make. I hope your doubt has cleared.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: isNew can be tricky to trap us. (***info: have a look)