GeeCON Prague 2014*
The moose likes Servlets and the fly likes getSession(boolean create) in HttpServletRequest Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Servlets
Bookmark "getSession(boolean create) in HttpServletRequest" Watch "getSession(boolean create) in HttpServletRequest" New topic
Author

getSession(boolean create) in HttpServletRequest

Sonny Gill
Ranch Hand

Joined: Feb 02, 2002
Posts: 1211

from API javadocs
To make sure the session is properly maintained, you must call this method before the response is committed. If the container is using cookies to maintain session integrity and is asked to create a new session when the response is committed, an IllegalStateException is thrown.
What effect does this have when we use the implicit session object in a JSP, since we are not actually getting it from request directly?


The future is here. It's just not evenly distributed yet. - William Gibson
Consultant @ Xebia. Sonny Gill Tweets
Brahim Bakayoko
Ranch Hand

Joined: Aug 29, 2003
Posts: 155
For the session object to be available in the jsp page, the use session attribute of the page directive should not be false; true is the default and no attribute defaults to true. The jsp will set the session appropriately before any response is committed, so you should not worry about an IllegalStateException at that particular stage.
I have written a web application where a valid session is created in one filter only and no where else. That is, other jsps and servlets have to use the session created by the filter or do something else if such session does not exist.
I guess you would like to know the equivalent for a jsp page of servlets' request.getSession(false) which return a session if one exist or null if none exist. Well, there isn't.
The way to handle such things in a jsp, is to check if the session is new (session.isNew()).
If true, the session has just been create in the jsp and invalid in my case, so I invalidate the session and handle the rest as appropriate. If false, the session can be processed.


SCJP, SCWCD, SCBCD, IBM CSD WebSphere v5, <br />A+, MCP 2000 and 2000 server, CST, and few incompleted certification tracks.<br /> <br />Ivory Coast<br /> <br />Analyze your web Request/Response @ <a href="http://webtools.servehttp.com" target="_blank" rel="nofollow">http://webtools.servehttp.com</a> down for a while...
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: getSession(boolean create) in HttpServletRequest