• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Session management in Servlets

 
Ranch Hand
Posts: 18944
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
basically I have a static Html page which consisits of textbox and continue button. When I press continue
a servlet gets executed which dynamically opens a new (Second) page which in turn has one more textbox and Submit button.
Now I open another separeta instance of my browser and copy and paste the url I got by pressing my first static Html page. I directly get my second Html page. I don't want to allow the user to do this. How should I go about in my code to avoid user copying and pasting the Url where in they can directly goto the second page skipping my first page.
It is like storing the Url of login page and directly going to the main web page without entering userid and password.
Hope u all understood my prob.
Please help me....
 
Sheriff
Posts: 7001
6
Eclipse IDE Python C++ Debian Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The problem is that the behaviour of browsers is not fully specified. Your browser obviously shares all its cookies between all open windows; some browsers have separate cookie sets for each window.
There are some situations where you want shared cookies (an application which uses several windows for different purposes, for example), and some where you want separate cookies (an application where you need several concurrent "sessions", for example).
Unfortunately, I know of no way of configuring a browser to specify one or the other behaviour.
 
Anonymous
Ranch Hand
Posts: 18944
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sounds like you need to use the Session Tracking API. I'm just beginning to learn this so bear with me.
Basically, every user of a site is associated with a javax.servlet.http.HttpSession object that servlets can use to store and retrieve information about that user in a persistent cookie. Using this you can check to see if the user has previously logon or entered your first page by creating an unique session id when the user first opens your first page. If they skip to your second page then the unique session id won't be their and you can send them back to your first page.
You can find an excellent explanation of all this in Java Servlet Programming by Jason Hunter and/or look at the examples at: http://www.oreilly.com/catalog/jservlet/examples/index.html
Specifically you want the code from Chapters 7 and 8.
You can also look at Java's tutorial on session tracking:
http://web2.java.sun.com/docs/books/tutorial/servlets/client-state/index.html
Hope that helps.
Yoo-Jin.
[This message has been edited by Yoo-Jin, Lee (edited July 21, 2000).]
 
Desperado
Posts: 3226
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Just a note that if the user has cookies disabled, the session tracking switches to using URL re-writing. This last one works always although it's more inefficient.
 
Frank Carver
Sheriff
Posts: 7001
6
Eclipse IDE Python C++ Debian Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Even URL rewriting still allows a user to copy/paste the URL into another window and then have two windows on the same "session".
This is one of the biggest problems with using a Web browser as a generic User Interface. There is nothing analogous to the "window handle" which is found in all other window-based User Interface systems.
 
Tony Alicea
Desperado
Posts: 3226
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Interesting point, Frank; Thanks!
 
What's a year in metric? Do you know this metric stuff tiny ad?
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic