• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

how can we cantrol session in java

 
rachit mehra
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
what are the methods for controlling the java session in servlets ?
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What do you mean by 'control' ? How are sessions created and deactivated ?
 
rachit mehra
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
means how can we control session through cookies and url rewriting etc?

suppose server and client are talking to each other what are the ways by which we can control the session for continuing the conversation between client and server as i mentioned above.

i need some explanation regarding this methods.
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
 
Tim Holloway
Saloon Keeper
Pie
Posts: 17989
47
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The abstract concept of a "session" or "conversation" is foreign to the HTTP protocol, which is designed for a one-shot request/response type of communication. Therefore a little help is needed.

In J2EE, an object called the HttpSession is constructed on the server. It contains the context for a user's conversation. For security and performance reasons, the HttpSession never leaves the server. However, since HTTP is one-shot, a hash key/magic-number/GUID-like string (the session ID) is passed back and forth between client and server on successive request/response requests so that continuity of communication can be maintained.

Under normal circumstances, this mechanism is completely automatic, and, in fact, it's perilous to attempt to wrest manual control over it. The server knows what it's doing and it may not always do what you think it's going to do, so leave that stuff alone and you'll have fewer support calls.

One thing that you do have to do manually, however, is ensure that any outgoing URLs that need to interact with the session are able to do so. As long as cookies are enabled, there's nothing you need to do. But if the app must be able to work for users who have cookies disabled, you need to use the URLEncode feature of J2EE to have the server rewrite your URL with a session id (jsessionid) attached.
 
Jagan mohan paspula
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Session control talks about Security .
how to contorl in webapplication:
Default Sessiontimeout 30 min
There is a diffrence
web application level we can maintain in mintues level
servlets level we can maintain seconds level
<web-app>

<Session-Config>
<Session-timeout>10min</Session-timeout>
</Session-Config>
</web-app>

 
Jagan mohan paspula
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
servlet level we can maintain this method
public void SetMaxInactiveInterval(int seconds)

when you declare '0'&'-1' in webapplication it is never expires
when you declare '0' servlet level it is expire immedeately.
and '-1' never expires

Note:Once Session expires we are not allowed to call session methods violation leads to "IllegalStateException" but thid rule is not applicable to this methods

a)get CreationTime()
b)get AcessedTime()
c)get ServeltContext()
 
rachit mehra
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
basically i want to understand that,if a request come from client side(browser) on server side we create a session(HttpSession ses=request.getSession();) the automatically a session_id has sent to client by web container but what happens when the cookies are disable from the browser,is rewriting url automatically done by web container(like tomcat) when the cookies are disable?
please explain me.....
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
is rewriting url automatically done by web container(like tomcat)


No

when the cookies are disable?


When a user chooses to disable them in the browser
 
rachit mehra
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks,

But suppose a user disable the cookies from the browser then how can he keep in touch with server , i know for this url rewriting taken place but i want to know url rewriting will be written by programer in servlet. please give me the example to clarify this.
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The link that I posted earlier has some information on URL rewriting using the encodeURL() method.

http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Servlets11.html
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic