tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allistair Crossley" <>
Subject RE: HttpSession usage
Date Mon, 17 Jan 2005 09:07:38 GMT

Sounds to me like you need to do some reading on JSP/Servlets, any book will explain sessions
to you and provide examples. There are numerous online resources too.

Yes, session is the object you should use and the getAttribute and setAttribute methods would
retrieve and set variables in that scope respectively.

You don't need to worry about identifying the user in most cases, this is managed internally
with cookies, i.e you would not need to check, you can assume. 

The reason you see jsessionid being appended onto some URLs ni JSPs is because the user may
have cookies turned off, in which case when they post or whatever back to the server, the
server may create a new session.

I'm not entirely sure of the strategy or decisions developers use to determine if they are
going to add jsessionid manually to URLs in JSPs, perhaps someone can pick that up for you.
It may be that you could test the user's ability to store cookies and make a decision there.

I would recommend picking up a good JSP/Servlet manual for examples.

Cheers, Allistair.

> -----Original Message-----
> From: Pawson, David []
> Sent: 17 January 2005 09:00
> To:
> Subject: HttpSession usage
> I need to maintain state across two form submissions;
> the first one requires that a user confirm an int and string;
> the second one records a small amount of metadata, user information
> and transaction information.
> Am I right in thinking that HttpSession getAttribute and putAttribute
> are the right way to acess  and record such state information 
> for common
> access in different servlets please?
> When the second post occurs,   How do I check that I've got the right
> users session data please, if there are a number of users logged in?
> Is this the idea of passing the sessionID as a query string 
> to the servlet
> the normal way in which these two are matched? QueryString= 
> session.getId() ?
> Which raises the question, what to do on a mismatch? I guess 
> that's down
> to the application. The class appears not to have the ability to get
> sessionData matching a  specific sessionID  value.
> Regards DaveP.
> **** snip here *****
> -- 
> NOTICE: The information contained in this email and any 
> attachments is 
> confidential and may be privileged.  If you are not the intended 
> recipient you should not use, disclose, distribute or copy any of the 
> content of it or of any attachment; you are requested to notify the 
> sender immediately of your receipt of the email and then to delete it 
> and any attachments from your system.
> RNIB endeavours to ensure that emails and any attachments generated by
> its staff are free from viruses or other contaminants.  However, it 
> cannot accept any responsibility for any  such which are transmitted.
> We therefore recommend you scan all attachments.
> Please note that the statements and views expressed in this email and 
> any attachments are those of the author and do not 
> necessarily represent
> those of RNIB.
> RNIB Registered Charity Number: 226227
> Website:
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

QAS Ltd.
Developers of QuickAddress Software
<a href=""></a>
Registered in England: No 2582055
Registered in Australia: No 082 851 474

View raw message