• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

sessionId

 
Ranch Hand
Posts: 92
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello;

I know how session gets created by using httpSession object through which we can get and set session attribute in our webapps...n in this if we want any session attributes id then we use session.getId().

Is this different from sessionId thing of encodeURL() method...

Hope you get my doubt..

Waiting for your reply.

Regards;
Brijesh Shah
-SCJP1.5
-SCWCD(preparing).
 
pie sneak
Posts: 4727
Mac VI Editor Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Careful. Session attributes are what get retrieved by session.getAttribute - calling other things attributes will lead to confusion.

The session.getId() should return the Id of the session, also known as JSESSIONID. This value gets added to URLs when you encode them, like you asked.
 
Brijesh shah
Ranch Hand
Posts: 92
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hello;

Thanks for replying marc.

I understood your point but i still confused, If i get the session id by session.getId(). The same thing can be done by encoding on url.

So my point is we can get the id through session.getId(), then why and what the use of encoding url.

--
Brijesh
 
Ranch Hand
Posts: 115
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
jsessionid=JSESSIONID is true because sessionid is same for URL encoding
 
Marc Peabody
pie sneak
Posts: 4727
Mac VI Editor Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Brijesh shah:
So my point is we can get the id through session.getId(), then why and what the use of encoding url.


Convenience.
 
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Mark,

I'm a beginner in Web component world and just started preparing for my exam. I have a small query here. Is that for "Convinience" or for routing back the sessionid to client via encoding URL, as the client may not be interested in accepting cookies.

Also, it is mentioned in Head First book that, Container woule embed a session object into a cookie and send it back to client through response. Good. But when there is a subsequent request from the client, Container verifies the cookie that came along with request. Now, my point is "Is the request coming from client application running from browser or the browser itself", because I haven't seen any code where any client application sending cookie along with its request.

An extension to the above question, assuming that browser would attach the cookie and send the http request to server, how can browser determine the exact cookie as we may have many cookies stored in our client machine through out the day browsing different sites. Please clarify me on these.

Thanks
Ravi
 
Marc Peabody
pie sneak
Posts: 4727
Mac VI Editor Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

An extension to the above question, assuming that browser would attach the cookie and send the http request to server, how can browser determine the exact cookie as we may have many cookies stored in our client machine through out the day browsing different sites. Please clarify me on these.


I'll start with this first because it's the easiest. When a browser stores cookies, it also stores the domain. So you can have multiple cookies -even of the same name- stored on a single machine if they are from different domains.

I'm a beginner in Web component world and just started preparing for my exam. I have a small query here. Is that for "Convinience" or for routing back the sessionid to client via encoding URL, as the client may not be interested in accepting cookies.

Also, it is mentioned in Head First book that, Container woule embed a session object into a cookie and send it back to client through response. Good. But when there is a subsequent request from the client, Container verifies the cookie that came along with request. Now, my point is "Is the request coming from client application running from browser or the browser itself", because I haven't seen any code where any client application sending cookie along with its request.


The browser sends all the cookies with every request for the given domain. If the browser has cookies disabled, then we have to rely on URL rewriting. The API HttpServletResponse methods are actually encodeURL and encodeRedirectURL but the process is really rewriting, as encoding really means something else entirely. You could try to rewrite the URLs yourself but letting the container do it is a ton easier. The absolute easiest way is to use the c:url tag everywhere you don't want a user to get disconnected from a session.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic