JSTL uses session scope. For example, the fmt tags use session scope to store a variable named "javax.servlet.jsp.jstl.fmt.request.charset". This bothers me - a lot. Sessions should be under the full control of the application programmer. They should not be created by low-level items such as JSTL tags. Arguments in favor of this position : - sessions put an extra load on the server - when cookies are not available, URLs are rewritten, and become much longer. It is often desirable to keep URLs simple and short if at all possible, since it makes them easier for people to copy/paste out of emails (for exmaple). I am going to pains in the current app I am building to create sessions only when necessary. However, it seems that JSTL is creating them "without my consent" in the background (this is unconfirmed, however). Has anyone a comment on this issue?
If you are using JSP and Servlets you are going to have a session. The fact that JSTL tacks an attribute onto this session does not create any new sessions. It merely adds an entry in the map that the already existing session is maintaining to keep track of its attributes. This is a cheap and simple operation. And yes, it behooves one when writing a web app to be sure that session data does not get out of control, but that is clearly not the case here. hth, bear
John, most of the default scoping used by the JSTL is page, not session. Are you explictly setting the scope attribute to session? If not, which actions are you talking about? Sue
Such sessions are not part of my program logic. I cannot see any other possible source for them except JSTL. If such is the case, I would submit that JSTL should *NOT* be behaving like this. No way Jos�.
FYI: From the JSTL spec, section 8.4: "After an action has called ServletResponse.setLocale(), and sessions are enabled, it must determine the character encoding associated with the response locale (by calling ServletResponse.getCharacterEncoding()) and store it in the scoped variable javax.servlet.jsp.jstl.fmt.request.charset in session scope."
Yes. As shown in this log extract, the value is "ISO-8859-1", which is the default character encoding. SESSION Object Name: javax.servlet.jsp.jstl.fmt.request.charset Value: "ISO-8859-1" As well, I am using the Jakarta Taglibs implementation.
This attribute may be used by the <fmt:requestEncoding> action (see Section 8.10) in a page invoked by a form included in the response to set the request charset to the same as the response charset. This makes it possible for the container to decode the form parameter values properly, since browsers typically encode form field values using the response�s charset.
The answer: JSPs always create a session, if one does not exist. This default behavior is turned off using the page directive, as in <%@ page session="false" %> See: http://www.javapractices.com/Topic191.cjp
Post by:autobot
Life just hasn't been the same since the volcano erupted and now the air is full of tiny ads.
a bit of art, as a gift, that will fit in a stocking