fail to track session

Posted on 2004-11-03
Medium Priority
Last Modified: 2013-12-10

I am using weblogic as my webserver. runing jsp pages.

I have problem on tracking the session.

At my login page, after verified the user, then i will include the AccountID into my session using

<jsp:useBean id="data" class="onevoice.classes.myData" scope="session" />

   if (loginsuccess) {

at index.jsp

i have 2 frameset - menu.jsp and content.jsp

At the content.jsp, when i try to get data.getAccountID the value return is 'null'. It only happen when i open a new browser. if 1st attempt i get failed, then i jst direct back to url and login again from the same browser, i manage to get the value for (data.getAccountID).

Please guide me, where is my mistake.


Question by:pyloh
  • 3
  • 2

Expert Comment

ID: 12546393
How are you referring to "data" in your content.jsp?  It should be the same way as before:

<jsp:useBean id="data" class="onevoice.classes.myData" scope="session" />


Framesets shouldn't matter if you're using session data. Are you sure that loginsuccess is really true the first time around?  You might want to try adding some println statements to your code in all the pages, to not only see the flow of the data, but whether or not your if statements are evaluating to true when you think they are.

Author Comment

ID: 12589963

Yes, i uses the same concept for my content.jsp

The login is success. i found out somethings..when i enabled the automated enabled cookies from Internet Explorer (Menu Bar> Tools option) it will solved my issue.

Please advice.


Expert Comment

ID: 12590735
Oh, well that's good.   By default, web servers store the session information in a cookie.  If your browser rejects the cookie automatically (instead of accept, or even prompt) then the server will never be able to "remember" the session is has with the browser.  There are ways around this, like always embedding the session ID in each request as a parameter, but common practice is to ask users to enable cookies.  I'd say about 95% of users have cookies enabled.  Most of them don't even know it. :)

Author Comment

ID: 12590989

<jsp:useBean id="data" class="onevoice.classes.myData" scope="session" />

The above method that i was using on my pages, is not a method to embed the session ID in each request as a parameter? If that isnt the case, can provide a sample on doing that?

Can we have application based to enable cookies, rather then doing that thru web browser?


Accepted Solution

Becky earned 200 total points
ID: 12591029
No I'm afraid web browsers control whether or not they have cookies enabled, but you can detect if cookies are enabled or not, then either redirect the user to a page requesting that they enable cookies, or embed the session ID in the URL parameter.  Weblogic knows what to do with the session ID when it sees it as a parameter (so long as it's called JSESSIONID).  

The response object has a method called encodeURL() will encode the URL that a user clicks on (it will embed the session ID in the url for you) if the user's browser doesn't support/allow cookies.  So all your links will need to pass through this method in order to maintain a session ID.  A couple of examples on how to do that:

An anchor:    <a href="<%= response.encodeURL("/path/to/page.jsp") %>">Click Me</a>
A Form action:    <form action="<%= response.encodeURL("/path/to/form/handler.jsp") %>" method="POST"></form>

So, to test this, create an anchor like the above one.  Enable cookies and click on it.  In your address bar you shouldn't see any session ID (if you do then I'm wrong and Weblogic always just puts it there :)).  Disable cookies in the browser - this time the session id will most certainly appear, and I'm pretty sure Weblogic will call it JSESSIONID.

No matter where your session ID comes from, so long as you are able to maintain a session (either via cookies or URL Rewriting) the useBean tag should work the same either way.

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configure Web Service (server application) I. Configure security for Web Services methods First, we need to protect Session bean which implements the service: 1. Open EJB deployment descriptor (ejb-jar.xml) in the EJB project that contains you…
Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Kernel Data Recovery is a renowned Data Recovery solution provider which offers wide range of softwares for both enterprise and home users with its cost-effective solutions. Let's have a quick overview of the journey and data recovery tools range he…
Suggested Courses

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question