Link to home
Start Free TrialLog in
Avatar of dds110
dds110

asked on

Session Variables???

I'm creating a class to hold session variables.  I'm pretty new to jsp so I'll most likely be posting several questions.  My question right now is "What" types of information should I store for session variables?

So far I have

user
password
admin flag
last url

I feel that I'm not tracking enough (although, I am trying to keep it as simple as possible)

Could anyone offer advice.

Points are low so that I can hand out more if necessary.  If not necessar, I'll up the points.

TIA
ASKER CERTIFIED SOLUTION
Avatar of jimmack
jimmack

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of TimYates
> HttpSession session = request.getSession();

Should be:

HttpSession session = request.getSession( true );
(I think) ;-)
Avatar of jimmack
jimmack

Good catch Tim.  That will create the session object if it doesn't already exist ;-)
If you have af jsp with some form-elements that you know you will return to later, it will be a good idea to store these forms in session.

Fx. If you have a Calendar page-and have selected OCTOBER 2004, then you want to do something else (change content of a date), and return to the form.
In this case you could store the selections in session, and when you return to the page reload them.

So:

HttpSession ses = request.getSession(true);
ses.setAttribute("selectedMonth", request.getParameter("month"));
ses.setAttribute("selectedYear", request.getParameter("year));


And later:

HttpSession ses= request.getSession(true);
String month=ses.getAttribute("selectedMonth");
String month=ses.getAttriubte("selectedYear");

Hope it helps,

Nic
Avatar of dds110

ASKER

OK, going with those thoughts, is the httpsession kinda like an array so that it will store variables from several users?  How does it handle that?
Well, its closer to a Vector if you want... An array is many different objects of the same kind. The Session-object can store all kinds of objects as attributes.

Another example which does the same as before:

Class CalendarSelection{ // This class contains the selections.
String month;
String year;
   public CalendarSelection(String m, String y){
     month=m;
     year=y;
   }
}


HttpSession ses = request.getSession(true);
CalendarSelection cs=new CalendarSelection(request.getParameter("month", request.getParameter("year");
ses.setAttribute("selection", cs); // now the attribute was the CalendarSelection-object

If you want to know more about Session: http://java.sun.com/j2ee/sdk_1.3/techdocs/api/
and look under HttpSession.

The session is on a per user basis. It stores name-value pairs, like a Hashmap. You can store just about anything (small). Everyone gets their own session. In the old day though, it was possible to get a collection of ALL the active sessions on the server, a major security risk (depending on how the session were being used). The javadoc for HttpSession interface still lists the old put/get Value, put being an indication of HttpSession's hash-map roots.
Here is a snippet from one of tomcat's Session implementations showing that it is in fact a Hashmap, not a Vector.

    /**
     * The collection of user data attributes associated with this Session.
     */
    private HashMap attributes = new HashMap();

Avatar of dds110

ASKER

OK,

Like I said, i'm pretty new to this.  One of the things I want the session to do is determine if a user has signed in via an html form.  If a user bookmarks a page that needs signing in to, I want to redirect the user to the index page.  Here's some code:

<%@ page import = "java.*, java.io.*"%>
<%
      HttpSession ses= request.getSession();
      File myfile = new File("C:\\Program Files\\Apache Tomcat 4.0\\webapps\\ROOT\\FormsRepository\\sup");
                  File[] files = myfile.listFiles();

                  String x;
                  Object uservar;

                  uservar=ses.getAttribute("user").toString();
                  if(uservar=null){
                              response.sendRedirect("index.shtml");
            }
%>

This code fails at the if block.  What's going on here?

It has to be  :

if(uservar==null){

not

if(uservar=null){
Avatar of dds110

ASKER

It now gives me a null pointer exception
Avatar of dds110

ASKER

All of you have been helpful and patient enough.  You have all given me alot to ponder and research.  I will award the points now.

jimmack will get the points here.

jnic
dmcreyno
timyates will all have a new question with their points posted.

Thanks a lot.  I'll be back with more later.

DDS