Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

sessionId

 
Brijesh shah
Ranch Hand
Posts: 92
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello;

I know how session gets created by using httpSession object through which we can get and set session attribute in our webapps...n in this if we want any session attributes id then we use session.getId().

Is this different from sessionId thing of encodeURL() method...

Hope you get my doubt..

Waiting for your reply.

Regards;
Brijesh Shah
-SCJP1.5
-SCWCD(preparing).
 
Marc Peabody
pie sneak
Sheriff
Posts: 4727
Mac Ruby VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Careful. Session attributes are what get retrieved by session.getAttribute - calling other things attributes will lead to confusion.

The session.getId() should return the Id of the session, also known as JSESSIONID. This value gets added to URLs when you encode them, like you asked.
 
Brijesh shah
Ranch Hand
Posts: 92
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hello;

Thanks for replying marc.

I understood your point but i still confused, If i get the session id by session.getId(). The same thing can be done by encoding on url.

So my point is we can get the id through session.getId(), then why and what the use of encoding url.

--
Brijesh
 
James Mark
Ranch Hand
Posts: 115
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
jsessionid=JSESSIONID is true because sessionid is same for URL encoding
 
Marc Peabody
pie sneak
Sheriff
Posts: 4727
Mac Ruby VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Brijesh shah:
So my point is we can get the id through session.getId(), then why and what the use of encoding url.

Convenience.
 
Schandha Ravi
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Mark,

I'm a beginner in Web component world and just started preparing for my exam. I have a small query here. Is that for "Convinience" or for routing back the sessionid to client via encoding URL, as the client may not be interested in accepting cookies.

Also, it is mentioned in Head First book that, Container woule embed a session object into a cookie and send it back to client through response. Good. But when there is a subsequent request from the client, Container verifies the cookie that came along with request. Now, my point is "Is the request coming from client application running from browser or the browser itself", because I haven't seen any code where any client application sending cookie along with its request.

An extension to the above question, assuming that browser would attach the cookie and send the http request to server, how can browser determine the exact cookie as we may have many cookies stored in our client machine through out the day browsing different sites. Please clarify me on these.

Thanks
Ravi
 
Marc Peabody
pie sneak
Sheriff
Posts: 4727
Mac Ruby VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
An extension to the above question, assuming that browser would attach the cookie and send the http request to server, how can browser determine the exact cookie as we may have many cookies stored in our client machine through out the day browsing different sites. Please clarify me on these.

I'll start with this first because it's the easiest. When a browser stores cookies, it also stores the domain. So you can have multiple cookies -even of the same name- stored on a single machine if they are from different domains.

I'm a beginner in Web component world and just started preparing for my exam. I have a small query here. Is that for "Convinience" or for routing back the sessionid to client via encoding URL, as the client may not be interested in accepting cookies.

Also, it is mentioned in Head First book that, Container woule embed a session object into a cookie and send it back to client through response. Good. But when there is a subsequent request from the client, Container verifies the cookie that came along with request. Now, my point is "Is the request coming from client application running from browser or the browser itself", because I haven't seen any code where any client application sending cookie along with its request.

The browser sends all the cookies with every request for the given domain. If the browser has cookies disabled, then we have to rely on URL rewriting. The API HttpServletResponse methods are actually encodeURL and encodeRedirectURL but the process is really rewriting, as encoding really means something else entirely. You could try to rewrite the URLs yourself but letting the container do it is a ton easier. The absolute easiest way is to use the c:url tag everywhere you don't want a user to get disconnected from a session.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic