File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

HttpSession internally uses cookies and after disabling it, still working: how?

 
Jayesh Pokar
Greenhorn
Posts: 10
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As far as i know HttpSession internally uses Cookies and if it is disabled then uses URL rewriting.....

i tried with small piece of code creating HttpSession and setting one attribute to it
I disabled my browser cookies......
Now when i run the program with cookies disabled n no url rewriting i did......still im able to get the attribute which i set on session....how come that is possible.....
Please guide me how it is working.....

Here is my code which i tried....

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app
<servlet>
<servlet-name>MyServlet</servlet-name>
<servlet-class>com.sas.zip1.ServletClass</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>MyServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>

<servlet>
<servlet-name>MyServlet1</servlet-name>
<servlet-class>com.sas.zip1.ServletClass1</servlet-class>
</servlet>

<servlet-mapping>
<servlet-name>MyServlet1</servlet-name>
<url-pattern>/session2.spring</url-pattern>
</servlet-mapping>

</web-app>


ServletClass


public class ServletClass extends HttpServlet{

public void doGet ( HttpServletRequest request,
HttpServletResponse response )throws ServletException, IOException {
PrintWriter out;

HttpSession sson=request.getSession();
sson.setAttribute("nammee", "jisnussstttttt");


response.setContentType("text/html");
out = response.getWriter();
out.println("<HTML><HEAD><TITLE>");
out.println(" Use of cookie in servlet");
out.println("</TITLE></HEAD><BODY><form method=get action=session2.spring>");
out.println(" <input type=submit><b>This is a Cookie example</b>");
out.println("</form></BODY></HTML>");
out.close();
}
}





ServletClass1

public class ServletClass1 extends HttpServlet{

@Override
protected void doGet(HttpServletRequest request, HttpServletResponse resp)throws ServletException, IOException {
System.out.println("INSIDE NEW ServletClass1");

HttpSession session=request.getSession(false);
System.out.println("ID IS :"+session.getId()+ "VALUE IS : "+session.getAttribute("nammee"));
}
}


Please Help me out......Thanks
 
Jayesh Pokar
Greenhorn
Posts: 10
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry I forgot to mention.....If it is using URL rewriting internally then that Session Id should be displayed on address bar of browser that too is not happening.....

Please Help...Thanks
 
Madhan Sundararajan Devaki
Ranch Hand
Posts: 312
Java MS IE
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The one possibility is that, the session values were sent using POST, inspite of you having written doGet ! Not sure, how this happens, but sometimes, rarely such a behaviour can be seen.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic