This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
The reason you get the null with the redirect (and the refresh) is that you are storing the user in a request attribute. As such, it is only stored (and thus available) for the current request being processed. A redirect (by its nature) causes a new request to be initiated. This is the flow that is happening: 1) The user makes a request (request #1) to the web server - At this point it is a new request, thus a new HttpServletRequest object is created and therefore there are no request attributes in that request. 2) Your action is storing the user in an attribute (of request #1) 3) It goes to display your view, but is using a redirect, therefore it tells the browser to make a new request to the new URL (of your main.jsp page) 4) The browser make a new request (request #2) to the web server - a new request, thus a new HttpServletRequest object is created and therefore there are no request attributes in that request. 5) There are no request attributes, so your attempt to access "user" results in a null
If you want to retain this value across multiple requests, you can store it in a cookie in the request. You can set the cookie to expire at the end of the session, or be retained for however long. However using cookies has security ramifications since that value is going back to the client (where it can be viewed, altered or spoofed) In some cases that's no big deal; in other cases it is a huge deal/risk. Also, using cookie has a requirement that the user's browser allows cookies.
Another option, if you want to store a variable across multiple requests, is to use a session attribute.
Take a look at the API documentation for HttpSession and its setAttribute() method. Not that you can get a HttpSession object via the getSession() method of the HttpServletRequest. It's important when using session attributes that you understand the concept of a session timeout, how to set the session timeout in the web.xml, and the ramifications of setting it too low & of setting it too high (memory usage being the big cost).
Overall, your question is not Struts specific, but Servlet/JSP related. I recommend grabbing a good Servlet/JSP book and reading through it to understand page vs request vs session vs application scope (and attributes).
I hope that helps. [ February 14, 2005: Message edited by: Mark Vedder ]
Joined: Feb 02, 2005
thx for reply -- Mark Vedder
do u know any online document that help me to get info abt maintaning the session attribute?
Originally posted by yogesh totare: do u know any online document that help me to get info abt maintaning the session attribute?
A couple that I know of are the Sun J2EE v1.4 Tutorial and then there's a free online version of the first edition of Core Servlets & JavaServer Pages avaialbe at the website www.coreservlets.com (the link to the pdf is down towards the bottom of the home page). There is a chapter on Session Management. Keep in mind that that edition of the book is based on the older Servlet & JSP specs (specifically the Servlet v2.1 & 2.2 and JSP 1.1 specs). A lot was added in both the 2.3/1.2 and 2.4/2.0 versions of the specifications. Nonetheless, the basic concepts of session management remain the same, but the tools (i.e. the available classes and methods) have changed. It is important that you know what version of the Servlet/JSP specifications the servlet container of you web server supports.
Other then those, I would recommend doing a Google search or spending some time in the book store. I personally believe it is important to spend the time to learn and full understand the concepts of session management (and the 4 variable scopes I mentioned in the previous posts), not just the syntax behind it, but the design decisions that go along with it. I have seen many cases where a developer with only a superficial understanding has created some nightmarish web applications.
Also keep in mind (for something else to add to the list of things to learn) that the JSTL (Java Standard Tag Library) has tags in the core library that can greatly aid in and simplify the code for session management, parameter & variable tracking, etc.