Solved

Session Variables???

Posted on 2003-11-05
14
658 Views
Last Modified: 2010-04-01
I'm creating a class to hold session variables.  I'm pretty new to jsp so I'll most likely be posting several questions.  My question right now is "What" types of information should I store for session variables?

So far I have

user
password
admin flag
last url

I feel that I'm not tracking enough (although, I am trying to keep it as simple as possible)

Could anyone offer advice.

Points are low so that I can hand out more if necessary.  If not necessar, I'll up the points.

TIA
0
Comment
Question by:dds110
  • 5
  • 3
  • 2
  • +2
14 Comments
 
LVL 15

Accepted Solution

by:
jimmack earned 25 total points
ID: 9688065
You don't want to create your own class for session variables.  You want to use the existing session ;-)

The first three attributes look OK.  Not sure what the last URL is for.  Nothing to stop you storing it though.

Servlet:
HttpSession session = request.getSession();
session.setAttribute("name", object);
Object o = session.getAttribute("name");

JSP:
same, only the "session" is already available.
0
 
LVL 35

Expert Comment

by:TimYates
ID: 9688078
> HttpSession session = request.getSession();

Should be:

HttpSession session = request.getSession( true );
0
 
LVL 35

Expert Comment

by:TimYates
ID: 9688082
(I think) ;-)
0
 
LVL 15

Expert Comment

by:jimmack
ID: 9688084
Good catch Tim.  That will create the session object if it doesn't already exist ;-)
0
 
LVL 1

Expert Comment

by:JNic
ID: 9688380
If you have af jsp with some form-elements that you know you will return to later, it will be a good idea to store these forms in session.

Fx. If you have a Calendar page-and have selected OCTOBER 2004, then you want to do something else (change content of a date), and return to the form.
In this case you could store the selections in session, and when you return to the page reload them.

So:

HttpSession ses = request.getSession(true);
ses.setAttribute("selectedMonth", request.getParameter("month"));
ses.setAttribute("selectedYear", request.getParameter("year));


And later:

HttpSession ses= request.getSession(true);
String month=ses.getAttribute("selectedMonth");
String month=ses.getAttriubte("selectedYear");

Hope it helps,

Nic
0
 
LVL 8

Author Comment

by:dds110
ID: 9688480
OK, going with those thoughts, is the httpsession kinda like an array so that it will store variables from several users?  How does it handle that?
0
 
LVL 1

Expert Comment

by:JNic
ID: 9688829
Well, its closer to a Vector if you want... An array is many different objects of the same kind. The Session-object can store all kinds of objects as attributes.

Another example which does the same as before:

Class CalendarSelection{ // This class contains the selections.
String month;
String year;
   public CalendarSelection(String m, String y){
     month=m;
     year=y;
   }
}


HttpSession ses = request.getSession(true);
CalendarSelection cs=new CalendarSelection(request.getParameter("month", request.getParameter("year");
ses.setAttribute("selection", cs); // now the attribute was the CalendarSelection-object

If you want to know more about Session: http://java.sun.com/j2ee/sdk_1.3/techdocs/api/
and look under HttpSession.

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Expert Comment

by:dmcreyno
ID: 9688893
The session is on a per user basis. It stores name-value pairs, like a Hashmap. You can store just about anything (small). Everyone gets their own session. In the old day though, it was possible to get a collection of ALL the active sessions on the server, a major security risk (depending on how the session were being used). The javadoc for HttpSession interface still lists the old put/get Value, put being an indication of HttpSession's hash-map roots.
0
 

Expert Comment

by:dmcreyno
ID: 9688981
Here is a snippet from one of tomcat's Session implementations showing that it is in fact a Hashmap, not a Vector.

    /**
     * The collection of user data attributes associated with this Session.
     */
    private HashMap attributes = new HashMap();

0
 
LVL 8

Author Comment

by:dds110
ID: 9689437
OK,

Like I said, i'm pretty new to this.  One of the things I want the session to do is determine if a user has signed in via an html form.  If a user bookmarks a page that needs signing in to, I want to redirect the user to the index page.  Here's some code:

<%@ page import = "java.*, java.io.*"%>
<%
      HttpSession ses= request.getSession();
      File myfile = new File("C:\\Program Files\\Apache Tomcat 4.0\\webapps\\ROOT\\FormsRepository\\sup");
                  File[] files = myfile.listFiles();

                  String x;
                  Object uservar;

                  uservar=ses.getAttribute("user").toString();
                  if(uservar=null){
                              response.sendRedirect("index.shtml");
            }
%>

This code fails at the if block.  What's going on here?

0
 
LVL 1

Expert Comment

by:JNic
ID: 9689451
It has to be  :

if(uservar==null){

not

if(uservar=null){
0
 
LVL 8

Author Comment

by:dds110
ID: 9689678
It now gives me a null pointer exception
0
 
LVL 8

Author Comment

by:dds110
ID: 9689711
All of you have been helpful and patient enough.  You have all given me alot to ponder and research.  I will award the points now.

jimmack will get the points here.

jnic
dmcreyno
timyates will all have a new question with their points posted.

Thanks a lot.  I'll be back with more later.

DDS

0
 
LVL 8

Author Comment

by:dds110
ID: 9697733
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ajax auto save 15 98
java cigar challenge 58 206
Is possible to make a jsp script work with oracle wallet? 7 100
withoutString  challenge 40 182
In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
Note: This is the third blog post in a series on email clearinghouses (https://www.xmatters.com/alert-management/blog-email-has-failed-us?utm_campaign=70138000000ydLoAAI&utm_source=exex&utm_medium=article&utm_content=blog-post).   We’ve been talki…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now