File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JSP and the fly likes Session Creation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Session Creation" Watch "Session Creation" New topic

Session Creation

Phillipe Rodrigues
Ranch Hand

Joined: Oct 30, 2007
Posts: 165
I'm confused with the session creation with JSP.
For example i'm trying to create a login.jsp with sessions.

we should enter the name and password which is checked with the existing details.If they match they get next page with a new unique session.

With the help of session scope how can we achieve this. How can i get the unique id should i code it and on to which page (details entry page or second page).

Please help.

Ben Souther

Joined: Dec 11, 2004
Posts: 13410

Sessions are created on your behalf by the container.
This happens automatically in JSP.
All you need to do to work with the session is refer to it using the implicit 'session' object.

Using the newer Expresion Language (EL) you can refer to any scoped variable without knowing the scope to which it is bound.

JSP sessions and a login are not necessarily the same.
Are you interested in writing your own authentication or are you planning to use container managed security? If you're writing it yourself, how are you "checking with the existing details"?

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Yong Lin

Joined: Jun 05, 2008
Posts: 2
There are three ways to trace the session.
1.By put a session id in cookie of the client's browser.(default achievement by web server)
2.url-rewriting(if cookie is forbidden)

3.hidden form

Http protocol is stateless,but the web servler will help to avoid it.

By default,tomcat server adopt the first method to trace the session.

In another word,when you visit a page,a session will be created by set a session id in the cookie automaticlly.

When you invoke session.invalidate() explicitly or you do not visit the

web application anymore the current session will expire.

You can set how long the session will expire in tomcat.The default time is 30 minutes.

In a word,you can verify whether the user is loggin by setting a attribute in current session.

Hope a little help and forgive my poor engilish

A nice guy
I agree. Here's the link:
subject: Session Creation
It's not a secret anymore!