File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSP and the fly likes JSP HttpSession issue - some pages work, some don't Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "JSP HttpSession issue - some pages work, some don Watch "JSP HttpSession issue - some pages work, some don New topic
Author

JSP HttpSession issue - some pages work, some don't

Jon Brasted
Greenhorn

Joined: Mar 18, 2004
Posts: 19
Hi.

I have a strange issue. The first page (mainIndex.jsp) uses a login page called index.jsp to test whether a user is authenticated and if not, shows a login form. If user is authenticated, it uses jsp:forward to forward to mainIndex.jsp. A Java servlet is used by index.jsp to check the user's details are correct and if so, stores the authentication information in the HttpSession (sets "authenticated" value to true and "username" to the username of the user). This works fine and the username is shown on mainIndex.jsp.

The second page is just a test page hyperlinked from mainIndex.jsp that is supposed to get the HttpSession associated with the request header and show the username stored in the HttpSession. This does not work. Does anyone know why?

By the way, I am using Apache Tomcat 5.5.9 under Windows XP Professional but not using J2EE security as I don't have access to the server configuration files, in order to set it up.

Thanks.
Jon


=== mainIndex2.jsp ===



=== test.jsp ===
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60817
    
  65



This is completely unnecessary. The session implicit variable is already set up when a JSP page is invoked.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Jon Brasted
Greenhorn

Joined: Mar 18, 2004
Posts: 19
If that's the case, I don't understand why the HttpSession object is not passed from mainIndex.jsp to test.jsp??
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60817
    
  65

Yes, but the first step is to get rid of any unnecessary stuff that might be tripping you up.

Also, are you just looking for help on this spot problem, or would you like some discussion on better ways to approach the whole pattern of what you are doing?
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410


You're logging yourself out as soon as you've tested for a valid login.
[ July 21, 2005: Message edited by: Ben Souther ]

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60817
    
  65

Yup, that's it. Good spot, Ben.

Jon, if you thought that that line would defer calling the invalidate method until the hyper-link was clicked, you have a basic misunderstanding of the life-cycle of a JSP.

All the Java scriptlets in a JSP are executed on the server side in order to create a plain old HTML page to send to the browser. As such, your invalidate method is being called before the page is even sent to the browser.

Do a View Source on the page and see what your anchor tag got turned into.
[ July 21, 2005: Message edited by: Bear Bibeault ]
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60817
    
  65

Or, better yet, find the java file that got created on behalf of your JSP and see what code executes when the page is hit. (Under Tomcat, these can be found in the folder hierarchy rooted at $CATALINA_HOME/work).
 
 
subject: JSP HttpSession issue - some pages work, some don't
 
Similar Threads
Need some help regarding sessions
URL rewriting
help on controller jsp
Problem With jsp:forward
Session tracking