Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

getSession(boolean create) in HttpServletRequest

 
Sonny Gill
Ranch Hand
Posts: 1211
IntelliJ IDE Mac
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
from API javadocs
To make sure the session is properly maintained, you must call this method before the response is committed. If the container is using cookies to maintain session integrity and is asked to create a new session when the response is committed, an IllegalStateException is thrown.
What effect does this have when we use the implicit session object in a JSP, since we are not actually getting it from request directly?
 
Brahim Bakayoko
Ranch Hand
Posts: 155
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For the session object to be available in the jsp page, the use session attribute of the page directive should not be false; true is the default and no attribute defaults to true. The jsp will set the session appropriately before any response is committed, so you should not worry about an IllegalStateException at that particular stage.
I have written a web application where a valid session is created in one filter only and no where else. That is, other jsps and servlets have to use the session created by the filter or do something else if such session does not exist.
I guess you would like to know the equivalent for a jsp page of servlets' request.getSession(false) which return a session if one exist or null if none exist. Well, there isn't.
The way to handle such things in a jsp, is to check if the session is new (session.isNew()).
If true, the session has just been create in the jsp and invalid in my case, so I invalidate the session and handle the rest as appropriate. If false, the session can be processed.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic