Session Object creation

hi
i doubt when a session is created

i read the below line will create the new session
HttpSession.getSession(true);---> return the new session object if none is associated with the request.


how this object can be made asssociate to a particular user like session 1 is for user 1 and session 2 for user 2 and so on....


and if the session become invalid (after some expire time) how the user is abanded from proceeds further saying your session is expires...

how the above basic functionality is acheived..

Any one please....

Hi,

Association of a Session object to a user is done by the container. Apart from calling getSession() method, a servlet programmer need not do any extra things.

This association is done by using a cookie called jsessionid that is sent by the container everytime in the response. The browser sends this back with every subsequent request, so the container can identify the session object for this user. If cookies are disabled in the client, then you have to use encodeURL()/encodeRedirectURL() methods to acheive this.

You can get this id using getSessionId() method in the HttpSession object.

NOTE: getSession(false) returns a HttpSession object only if a session already exists for this user. Else, it returns null.

Get the session using getSession(false). If gets null then you can handle as you want.

Or store an attribute in the session say.. .

Boolean isValid

Get the session using getSession(). Check the attribute isValid if gets null then forward the request to sessionExpired.jsp