aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Regarding session in JSPs, a question from Enthuware Mock Exam Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Regarding session in JSPs, a question from Enthuware Mock Exam" Watch "Regarding session in JSPs, a question from Enthuware Mock Exam" New topic
Author

Regarding session in JSPs, a question from Enthuware Mock Exam

Prashant Shiralkar
Greenhorn

Joined: Apr 13, 2010
Posts: 19
The following is a question from Enthuware Mock Exam:

The correct answer is "It will print Hello and will set the count attribute in the session."
I answered: "It will throw a NullPointerException at request time."

The explanation the tool gives for the correct answer is:
Explanation:
---------------------------
Had this code been in a regular servlet like this:

It would have thrown an NullPointerException as request.getSession(false) would have returned null (since this is a first ever request to the servlet container.)

However, in case of JSP pages, the session is automatically created by default. I.e. <%@ page session="true" %>
---------------------------

I wasn't convinced with the explanation and hence I tried creating a JSP and it worked as per the given comments. I also observed the servlet code resulting from translating the JSP (which said HttpSession session = pageCotext.getSession()). For the session attribute of page directive, the spec says:
If true then the implicit script language variable named session of type javax.servlet.http.HttpSession references the current/new session for the page.

But I fail to understand why a JSP is given a session object when it has not been explicitly "requested" by a developer; and what does it mean to have a new session just for the page? And given that, does a request to any JSP automatically associate a session with the client, even when there is no need to have a notion of "state"?

Regards,
Prashant
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9313
    
  17

This is given in the spec itself, I think you missed it
JSP Spec wrote:page directive session attribute
If true then the implicit script language variable named session of type javax.servlet.http.HttpSession references the current/new session for the page.
If false then the page does not participate in a session; the session implicit variable is unavailable, and any reference to it within the body of the JSP page is illegal and shall result in a fatal translation error.
Default is true.

So if you don't specify the session attribute in a JSP page, it will automatically create a session object. To stop the JSP from doing so, you'll have to explicitly set the session attribute of the page directive to false...


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
Prashant Shiralkar
Greenhorn

Joined: Apr 13, 2010
Posts: 19
I did go through the spec, and I am convinced why that answer is what it is, but I don't see, from a design viewpoint, why a "new" session object is automatically available to all JSP pages with no existing session AND default value of "true" for the session attribute in the page directive.

Does it mean the JSP page which encounters this kind of code for the first time from a new user is the initiator of a new session for the user? or rather put another way - Is this session available to other resources for further requests from the same user?

If not, what use is a new session meant just for a JSP page, if its really not involved in any state maintenance and which ultimately is going to get destroyed at the end of _jspService method?
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9313
    
  17

Is this session available to other resources for further requests from the same user?

Yes, this is a normal session so once a session is created for a user, further requests from the same user will use the same session...
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1715
    
  25

Hi Prashant,
but I don't see, from a design viewpoint, why a "new" session object is automatically available to all JSP pages with no existing session AND default value of "true" for the session attribute in the page directive.

You should look at it as a convenience to the developer. The JSP (view) is normally where you show the results of the request being made. Often you want to show values of attributes which are stored in the Session object so you would have repeating code in the JSPs to get hold of the Session object.

Regards,
Frits
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Regarding session in JSPs, a question from Enthuware Mock Exam