• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Paul Clapham
  • Rob Spoor
  • Junilu Lacar
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
  • Carey Brown
Bartenders:

session.isNew() gives true after request.getSession(false)

 
Ranch Hand
Posts: 264
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
session.isNew() gives true after request.getSession(false);


As per my understanding request.getSession(false) will return an existing session if it exists, else return null.

So, session.isNew() can either give me false, or a NullPointerException.

But to my surprirse, it was giving me a true result.

I am using eclipse and the above thing is observed while debugging.

Does anybody has a clue as to what might be going wrong.
 
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yogesh, as per the API documentation, if the isNew() method returns true it means that the client has not yet joined the session (e.g. if cookies are disabled). Therefore, it doesn't mean that the session has just been created.
 
Yogesh Gandhi
Ranch Hand
Posts: 264
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
what is meant by client has not joined the session.


well we were able to find the fix.

we were using eclipse along with weblogic.

we changed a tag called as url-rewriting in weblogic.xml to true.

Actually the session id was getting changed between action classes.

after making the above setting, it worked.
 
Vanessa Danin
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In other words, the client was not providing the session identifier in requests (e.g. by blocking cookies). URL rewriting allows a session to be tracked even if cookies cannot be used, by adding a session identifier to URLs used by the client. So, by enabling URL rewriting you have enabled session tracking. I hope this makes it easier for you to understand.
 
Yogesh Gandhi
Ranch Hand
Posts: 264
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks venessa for the explanation...

but i am sure that cookies were nt disabled in our browser.

i understand that enabling the url rewriting made session id move to and fro between requests, but as far as i remember cookies were enabled in my browser settings.

Second thing, i read the documentation, it says that request.getSession(false) will return a session if it exists, otherwise it will return a null. so i think i do not agree fully to what you said above that it will not return null even if a session does not already exists.

can you please post the documentation here so that others can also be benefitted.
 
Vanessa Danin
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yogesh, I have absolutely no idea what makes you think that I said that that request.getSession(false) will not return null even if a session does not already exist. Where did I say that??
 
Yogesh Gandhi
Ranch Hand
Posts: 264
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
you said that isnew will return true if client has not joined the session.

my say is that either it can give false or a null pointer, but never true
 
Vanessa Danin
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You are confusing two completely different methods. The boolean isNew() method and the HttpSession getSession(boolean create) methods are two different methods in two different interfaces.

As quoted from the API documentation, the isNew() method in the HttpSession interface:

Returns: true if the server has created a session, but the client has not yet joined



And the getSession(boolean create) method in the HttpServletRequest interface:

Returns: the HttpSession associated with this request or null if create is false and the request has no valid session



Is it clearer for you now?
 
Yogesh Gandhi
Ranch Hand
Posts: 264
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Venessa again for your help.

Yeah Now I am able to understand.

The session.isNew() will return true even if the session is not created from request.getSession(false);
if the response has never been sent to the client.
I mean this is the first request that came to the server and a session was created, and then forwarded internally to the servlets on server side...

So, session remains new till the time the response is not sent back to the client.

Reference : https://coderanch.com/t/360464/Servlets/java/Kindly-clarify-HttpSession-isNew

So, taking an assumption that session has been created by the following statement, if isNew returns true, is not always correct.




Thanks everybody
 
Ranch Hand
Posts: 247
Eclipse IDE Chrome Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
request.getSession(false) will not create new session.

During the first request to the server, first request not containing any SESSION ID Cookie/ URL rewritten is processed by servlet.
In the process, when request.getSession(true)/getSession() is invoked, new session is created and SESSIONID will be added to cookie in the response.

Then, request forwarding is done to other servlet, when request.getSession(false) will return NULL since this forwarded first request does not contain SESSIONID/URL Rewritten.

This is the general concept. I have got it in Apache Tomcat. Dont know about WebLogic.

Session Management Logic may differ from container to container.

 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic