tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pawson, David" <>
Subject RE: HttpSession usage
Date Mon, 17 Jan 2005 09:37:24 GMT

    Sounds to me like you need to do some reading on 
    JSP/Servlets, any book will explain sessions to you and 
    provide examples. There are numerous online resources too.

No problem, nice to know I'm reading the right stuff though!


    You don't need to worry about identifying the user in most 
    cases, this is managed internally with cookies, i.e you 
    would not need to check, you can assume. 

    The reason you see jsessionid being appended onto some URLs 
    ni JSPs is because the user may have cookies turned off, in 
    which case when they post or whatever back to the server, 
    the server may create a new session.

Which then raises the question, do I (can I) check that a user
has cookies enabled?
	HttpSession sess = request.getSession(true);
	    if( sess.isNew() )"<p>New Session</p>");
	    else"<p>Existing Session</p>");

Or is this sufficient? From this and my own flow logic
I guess I can see if the user is 'new' when she shouldn't
    I'm not entirely sure of the strategy or decisions 
    developers use to determine if they are going to add 
    jsessionid manually to URLs in JSPs, perhaps someone can 
    pick that up for you. It may be that you could test the 
    user's ability to store cookies and make a decision there. 
    I would recommend picking up a good JSP/Servlet manual for examples.

I've got the O'Reilly book, and Google :-)

Thanks, DaveP

** snip here **


NOTICE: The information contained in this email and any attachments is 
confidential and may be privileged.  If you are not the intended 
recipient you should not use, disclose, distribute or copy any of the 
content of it or of any attachment; you are requested to notify the 
sender immediately of your receipt of the email and then to delete it 
and any attachments from your system.

RNIB endeavours to ensure that emails and any attachments generated by
its staff are free from viruses or other contaminants.  However, it 
cannot accept any responsibility for any  such which are transmitted.
We therefore recommend you scan all attachments.

Please note that the statements and views expressed in this email and 
any attachments are those of the author and do not necessarily represent
those of RNIB.

RNIB Registered Charity Number: 226227


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message