This week's book giveaway is in the OCMJEA forum.
We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line!
See this thread for details.
The moose likes JSP and the fly likes HttpSession = total confusion Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "HttpSession = total confusion" Watch "HttpSession = total confusion" New topic
Author

HttpSession = total confusion

Rohit Ahuja
Ranch Hand

Joined: Oct 04, 2001
Posts: 121
I have a few questions about the HttpSession.
1.I was going through one of the articles at
http://jguru.com/faq/view.jsp?EID=1079642
It states that session id gets stored in the database. My confusion is, when i install a server ( Orion in my case ) I have'nt connected to the database yet and i use HttpSession and it works just fine. Does HttpSession id get saved in the database?? As far as my knowledge goes it gets stored as a key value pair on the server itself...
2.If i have cookies disables, how will the site on which i have fully coded using HttpSession work. Does anyone have a code where we check for Cookies setting before deciding the type of Session Tracking.
And also, i was debating with one of my friends where exactly this above code be embedded.if i only set it on my login page and suppose after entering the site the pranky decides to disable cookies, my web-site goes for a toss ??
And if i put this check on each and every page of my website, does'nt it cause any overhead, am i not hampering the response time ??

Timmy( refering to Holloway ) the problem solver, RESCUE ME !!!


Face Off.
Amir Ghahrai
Ranch Hand

Joined: Jun 19, 2002
Posts: 110
Deepak,
As regards with your first question, I doubt that the session gets stored in the database. Your session gets stored in a variable called jsessionid which in turn can either be stored on the server or as cookies in the client's machine.
For question 2, Once you have declared a HttpSession variable, you can gain access to it and retrieve its value. Ofcourse you can define the scope (request, page, application) for your session, so that you don't need to rewrite the code everytime in every page. all you have to do is to retrieve its value on each page to identify the source of request.
I suggest encoding all your links (anchor tags) so that when cookies are disabled on client's browser, then URL-rewriting is taken over automatically. You can try this by disabling cookies on your machine and then focus on the web address bar on your browser. each time you make a request, the jsessionid is appended to the url and any query strings, provided that you have encoded your links.
HTH


Amir
Philip Shanks
Ranch Hand

Joined: Oct 15, 2002
Posts: 189
Originally posted by Amir Ghahrai:

Your session gets stored in a variable called jsessionid which in turn can either be stored on the server or as cookies in the client's machine.

Not "or" -- the session is stored on both sides of the conversation (either in a cookie or encoded into the URL on the client, and in the session context on the server), and that is how the server can recognize the client on subsequent requests.
I think it would be rare that an application would need to persist a session ID in a database, beyond the context of the actual session.


Philip Shanks, SCJP - Castro Valley, CA
My boss never outsources or has lay-offs, and He's always hiring. I work for Jesus! Prepare your resume!
Rohit Ahuja
Ranch Hand

Joined: Oct 04, 2001
Posts: 121
Thanx Amir,
That helps theoretically, but can u help me with some sample code?? or may be some url defining the sample code??
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: HttpSession = total confusion