This week's book giveaway is in the Other Languages forum.
We're giving away four copies of Functional Reactive Programming and have Stephen Blackheath and Anthony Jones on-line!
See this thread for details.
Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

HttpSession = total confusion

 
Rohit Ahuja
Ranch Hand
Posts: 121
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a few questions about the HttpSession.
1.I was going through one of the articles at
http://jguru.com/faq/view.jsp?EID=1079642
It states that session id gets stored in the database. My confusion is, when i install a server ( Orion in my case ) I have'nt connected to the database yet and i use HttpSession and it works just fine. Does HttpSession id get saved in the database?? As far as my knowledge goes it gets stored as a key value pair on the server itself...
2.If i have cookies disables, how will the site on which i have fully coded using HttpSession work. Does anyone have a code where we check for Cookies setting before deciding the type of Session Tracking.
And also, i was debating with one of my friends where exactly this above code be embedded.if i only set it on my login page and suppose after entering the site the pranky decides to disable cookies, my web-site goes for a toss ??
And if i put this check on each and every page of my website, does'nt it cause any overhead, am i not hampering the response time ??

Timmy( refering to Holloway ) the problem solver, RESCUE ME !!!
 
Amir Ghahrai
Ranch Hand
Posts: 110
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Deepak,
As regards with your first question, I doubt that the session gets stored in the database. Your session gets stored in a variable called jsessionid which in turn can either be stored on the server or as cookies in the client's machine.
For question 2, Once you have declared a HttpSession variable, you can gain access to it and retrieve its value. Ofcourse you can define the scope (request, page, application) for your session, so that you don't need to rewrite the code everytime in every page. all you have to do is to retrieve its value on each page to identify the source of request.
I suggest encoding all your links (anchor tags) so that when cookies are disabled on client's browser, then URL-rewriting is taken over automatically. You can try this by disabling cookies on your machine and then focus on the web address bar on your browser. each time you make a request, the jsessionid is appended to the url and any query strings, provided that you have encoded your links.
HTH
 
Philip Shanks
Ranch Hand
Posts: 189
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Amir Ghahrai:

Your session gets stored in a variable called jsessionid which in turn can either be stored on the server or as cookies in the client's machine.

Not "or" -- the session is stored on both sides of the conversation (either in a cookie or encoded into the URL on the client, and in the session context on the server), and that is how the server can recognize the client on subsequent requests.
I think it would be rare that an application would need to persist a session ID in a database, beyond the context of the actual session.
 
Rohit Ahuja
Ranch Hand
Posts: 121
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanx Amir,
That helps theoretically, but can u help me with some sample code?? or may be some url defining the sample code??
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic