session objects are not saving - please advise

Hello everyone,

For some reason, my session objects are not saving in my jsps

For example I have this code is a small application:

      if (session.getAttribute("userid") == null) {
            %>should go here once, and thats it<%
            session.setAttribute ("userid", new String(request.getUserPrincipal().getName()));

I include this block in another page, and every single time I reload the page the "should go here once, and thats it" line keeps coming up. Anyone know what I am doing wrong? Please help!
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

browser may not have cookies enabled so a new session is created for each request.
first make sure that
request.getUserPrincipal() or request.getUserPrincipal().getName() dosn't return null

Are you sure that you have declared session like
HttpSession session = request.getSession();

I hope that helps.

Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

neojin80Author Commented:
I have tested it in both IE and Firefox with cookies enabled so I know that's not the problem.

Yes, request.getUserPrincipal().getName() does not return null

This is in a JSP, and I believe session is implicit.

Anyone else?
please post ur platform information, App Server, etc
neojin80Author Commented:
After some more testing, I believe this issue has something to do with single sign on and ssl in tomcat.

I have 3 web applications, with single sign on enabled. The 3 web applications are called ROOT, Billing, and Admin. From the ROOT, when a user clicks a link that takes them to the Billing context, a new session is instantiated, however is behaves like the problem above. When I turn off SSL, then the problem goes away and the session starts to work.

Very strange. I will post my web.xml file below:

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4"

      <description> accessible by authenticated users of the PI and ACP Admin role</description>
     if (session.getAttribute("userid") == null) {
          %>should go here once, and thats it<%
          session.setAttribute ("userid", session.getAttribute("userid") ); //you do not need to do that again as you already have this attribute in session (I beleive that's trus if you already did it).

Anyway, you need to set the attribute before you get it, you are retreiving it before you are setting it, that's why you get null all the time. If you are getting userid from some other place(JSP), then get it like
String userid = (String) request.getParameter("userid");
now set the attribute,
Once it is set you can retreive it anywhere within that session.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.