I am following an example in a college text book.
The example is a simple web application for a online bakery.
Basically, you have a jsp showing a selection of baked goods which have been read from a database.
If you click on one of those items (which is a hyperlink), it adds the name of that item to
a 'cartBean' bean and reloads the page to display a table (the Cart) with the newly chosen item inside.
New items can be added to the cart in the same way, and the cart will accumulate all your chosen items.
Its really very simple.
Now, the example suggests (and I presume) that the only way to ensure the cartBean keeps
its contents (without being emptied) is to ensure that the scope="session"/"application".
If scope="page" is specified, a new bean instance will be created every time an item is added
to the cart meaning that there will only ever be max 1 item in the cart at all times.
Since the cartBeans scope needs to = "session", it means that the same cartBean
session is shared between multiple users! So, if user A loads the web page, and adds three items
to their cart, and then user B loads the web page, user B will see those three items have already
been loaded into their cart even though their cart should be empty.
I understand that bean sharing may be useful (at times), but in this case it is not what I'm looking for.
WHAT I'M LOOKING FOR:
I want a new bean instance to be created for each user. Furthermore, is it possible to destroy that
bean instance when a user leaves the web site?
I sincerely apologise if this has been covered before. If so, please forward me in the right direction.
Steve Simon wrote:Since the cartBeans scope needs to = "session", it means that the same cartBean session is shared between multiple users! So, if user A loads the web page, and adds three items
to their cart, and then user B loads the web page, user B will see those three items have already been loaded into their cart even though their cart should be empty.
No it doesn't. Session scope means the attributes are shared by all requests of the same session. Unless you explicitly attempt to hijack a session, each user gets its own session. User B will get a different session and therefore different attributes.
What you describe would be true if you used application scope.
Furthermore, is it possible to destroy that bean instance when a user leaves the web site?
When the session is invalidated (due to inactivity or done manually), all attributes inside the session are discarded as well.
I think where I got confused is that I assumed that the [application server/ JVM / whatever entity is responsible] would create a new session every time I open the same website from the same computer.
As it turns out, the session continues to remain active because the same bean is used.
HERE IS A SIMPLE EXAMPLE:
If you run the above application, and click the reload button on the browser 2 times. The number increments by 1 until it gets to 3.
Run the application again (opening up a second tab on the browser), and click the reload button 4 times. The number increments by 1 until it gets to 5.
So far so good.
Now, go back to the first tab that was opened and click reload.
The number now jumps from 3 to 6.
This illustrates to me that the same session (and bean instance) is being used by both tabs.
Am I correct in saying that the application server or JVM can provide maximum ONE session for each client?
As Bear mentioned, different browser tabs will share the same browser session, and thus the same cookie.
If you really want to test it in two different sessions try
- two completely different browsers (I use Firefox and IE a whole lot for this)
- In IE open up a new browser using File:New Session
Joined: Jan 28, 2012
Thanks Stefan, using different browsers does the trick :)
Actually I think what was confusing me right in the beginning was the way that Google Chrome was handling my application (so this was more of a browser issue than anything else)
I realised that Chrome keeps the session running in the background even if you close the browser completely. So if you launch the application again (before the maxInactiveInterval is reached) the previous session will be restored.
Although this can obviously be resolved by using the setMaxInactiveInterval() method on the session object, a cleaner way is to go to advanced options and:
- 'under the bonnet', deselect 'continue running background apps when Google is closed'.
- go to 'privacy' and 'clear browsing data' (make sure 'delete' cookies' is checked).
Alternatively, you can just redeploy your application every time.
I just checked, and neither Firefox, nor IE have this problem by default.
But, its good to hear from people who probably have more experience than me that a particular requirement (such as the one I was looking for) is probably not a 'realistic requirement'.
It was just annoying when I was trying to test the application and I wasn't getting 'fresh' beans each time...