aspose file tools*
The moose likes Servlets and the fly likes how can we cantrol session in java Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "how can we cantrol session in java" Watch "how can we cantrol session in java" New topic
Author

how can we cantrol session in java

rachit mehra
Greenhorn

Joined: Jul 06, 2011
Posts: 13
what are the methods for controlling the java session in servlets ?
Deepak Bala
Bartender

Joined: Feb 24, 2006
Posts: 6662
    
    5

What do you mean by 'control' ? How are sessions created and deactivated ?


SCJP 6 articles - SCJP 5/6 mock exams - More SCJP Mocks
rachit mehra
Greenhorn

Joined: Jul 06, 2011
Posts: 13
means how can we control session through cookies and url rewriting etc?

suppose server and client are talking to each other what are the ways by which we can control the session for continuing the conversation between client and server as i mentioned above.

i need some explanation regarding this methods.
Deepak Bala
Bartender

Joined: Feb 24, 2006
Posts: 6662
    
    5

Java;s tutorials are a great place to start - http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Servlets11.html
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16250
    
  21

The abstract concept of a "session" or "conversation" is foreign to the HTTP protocol, which is designed for a one-shot request/response type of communication. Therefore a little help is needed.

In J2EE, an object called the HttpSession is constructed on the server. It contains the context for a user's conversation. For security and performance reasons, the HttpSession never leaves the server. However, since HTTP is one-shot, a hash key/magic-number/GUID-like string (the session ID) is passed back and forth between client and server on successive request/response requests so that continuity of communication can be maintained.

Under normal circumstances, this mechanism is completely automatic, and, in fact, it's perilous to attempt to wrest manual control over it. The server knows what it's doing and it may not always do what you think it's going to do, so leave that stuff alone and you'll have fewer support calls.

One thing that you do have to do manually, however, is ensure that any outgoing URLs that need to interact with the session are able to do so. As long as cookies are enabled, there's nothing you need to do. But if the app must be able to work for users who have cookies disabled, you need to use the URLEncode feature of J2EE to have the server rewrite your URL with a session id (jsessionid) attached.


Customer surveys are for companies who didn't pay proper attention to begin with.
Jagan mohan paspula
Greenhorn

Joined: Jul 07, 2011
Posts: 6
Session control talks about Security .
how to contorl in webapplication:
Default Sessiontimeout 30 min
There is a diffrence
web application level we can maintain in mintues level
servlets level we can maintain seconds level
<web-app>

<Session-Config>
<Session-timeout>10min</Session-timeout>
</Session-Config>
</web-app>

Jagan mohan paspula
Greenhorn

Joined: Jul 07, 2011
Posts: 6
servlet level we can maintain this method
public void SetMaxInactiveInterval(int seconds)

when you declare '0'&'-1' in webapplication it is never expires
when you declare '0' servlet level it is expire immedeately.
and '-1' never expires

Note:Once Session expires we are not allowed to call session methods violation leads to "IllegalStateException" but thid rule is not applicable to this methods

a)get CreationTime()
b)get AcessedTime()
c)get ServeltContext()
rachit mehra
Greenhorn

Joined: Jul 06, 2011
Posts: 13
basically i want to understand that,if a request come from client side(browser) on server side we create a session(HttpSession ses=request.getSession();) the automatically a session_id has sent to client by web container but what happens when the cookies are disable from the browser,is rewriting url automatically done by web container(like tomcat) when the cookies are disable?
please explain me.....
Deepak Bala
Bartender

Joined: Feb 24, 2006
Posts: 6662
    
    5

is rewriting url automatically done by web container(like tomcat)


No

when the cookies are disable?


When a user chooses to disable them in the browser
rachit mehra
Greenhorn

Joined: Jul 06, 2011
Posts: 13
Thanks,

But suppose a user disable the cookies from the browser then how can he keep in touch with server , i know for this url rewriting taken place but i want to know url rewriting will be written by programer in servlet. please give me the example to clarify this.
Deepak Bala
Bartender

Joined: Feb 24, 2006
Posts: 6662
    
    5

The link that I posted earlier has some information on URL rewriting using the encodeURL() method.

http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Servlets11.html
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: how can we cantrol session in java