Session Variables???

I'm creating a class to hold session variables.  I'm pretty new to jsp so I'll most likely be posting several questions.  My question right now is "What" types of information should I store for session variables?

So far I have

user
password
admin flag
last url

I feel that I'm not tracking enough (although, I am trying to keep it as simple as possible)

Could anyone offer advice.

Points are low so that I can hand out more if necessary.  If not necessar, I'll up the points.

TIA
LVL 8
dds110Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jimmackCommented:
You don't want to create your own class for session variables.  You want to use the existing session ;-)

The first three attributes look OK.  Not sure what the last URL is for.  Nothing to stop you storing it though.

Servlet:
HttpSession session = request.getSession();
session.setAttribute("name", object);
Object o = session.getAttribute("name");

JSP:
same, only the "session" is already available.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TimYatesCommented:
> HttpSession session = request.getSession();

Should be:

HttpSession session = request.getSession( true );
0
TimYatesCommented:
(I think) ;-)
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

jimmackCommented:
Good catch Tim.  That will create the session object if it doesn't already exist ;-)
0
JNicCommented:
If you have af jsp with some form-elements that you know you will return to later, it will be a good idea to store these forms in session.

Fx. If you have a Calendar page-and have selected OCTOBER 2004, then you want to do something else (change content of a date), and return to the form.
In this case you could store the selections in session, and when you return to the page reload them.

So:

HttpSession ses = request.getSession(true);
ses.setAttribute("selectedMonth", request.getParameter("month"));
ses.setAttribute("selectedYear", request.getParameter("year));


And later:

HttpSession ses= request.getSession(true);
String month=ses.getAttribute("selectedMonth");
String month=ses.getAttriubte("selectedYear");

Hope it helps,

Nic
0
dds110Author Commented:
OK, going with those thoughts, is the httpsession kinda like an array so that it will store variables from several users?  How does it handle that?
0
JNicCommented:
Well, its closer to a Vector if you want... An array is many different objects of the same kind. The Session-object can store all kinds of objects as attributes.

Another example which does the same as before:

Class CalendarSelection{ // This class contains the selections.
String month;
String year;
   public CalendarSelection(String m, String y){
     month=m;
     year=y;
   }
}


HttpSession ses = request.getSession(true);
CalendarSelection cs=new CalendarSelection(request.getParameter("month", request.getParameter("year");
ses.setAttribute("selection", cs); // now the attribute was the CalendarSelection-object

If you want to know more about Session: http://java.sun.com/j2ee/sdk_1.3/techdocs/api/
and look under HttpSession.

0
dmcreynoCommented:
The session is on a per user basis. It stores name-value pairs, like a Hashmap. You can store just about anything (small). Everyone gets their own session. In the old day though, it was possible to get a collection of ALL the active sessions on the server, a major security risk (depending on how the session were being used). The javadoc for HttpSession interface still lists the old put/get Value, put being an indication of HttpSession's hash-map roots.
0
dmcreynoCommented:
Here is a snippet from one of tomcat's Session implementations showing that it is in fact a Hashmap, not a Vector.

    /**
     * The collection of user data attributes associated with this Session.
     */
    private HashMap attributes = new HashMap();

0
dds110Author Commented:
OK,

Like I said, i'm pretty new to this.  One of the things I want the session to do is determine if a user has signed in via an html form.  If a user bookmarks a page that needs signing in to, I want to redirect the user to the index page.  Here's some code:

<%@ page import = "java.*, java.io.*"%>
<%
      HttpSession ses= request.getSession();
      File myfile = new File("C:\\Program Files\\Apache Tomcat 4.0\\webapps\\ROOT\\FormsRepository\\sup");
                  File[] files = myfile.listFiles();

                  String x;
                  Object uservar;

                  uservar=ses.getAttribute("user").toString();
                  if(uservar=null){
                              response.sendRedirect("index.shtml");
            }
%>

This code fails at the if block.  What's going on here?

0
JNicCommented:
It has to be  :

if(uservar==null){

not

if(uservar=null){
0
dds110Author Commented:
It now gives me a null pointer exception
0
dds110Author Commented:
All of you have been helpful and patient enough.  You have all given me alot to ponder and research.  I will award the points now.

jimmack will get the points here.

jnic
dmcreyno
timyates will all have a new question with their points posted.

Thanks a lot.  I'll be back with more later.

DDS

0
dds110Author Commented:
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
JSP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.