• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Can't validate session

 
Ranch Hand
Posts: 93
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Greetings,
This thing is driving me crazy. Here is what happens. I use one servlet to
validate user login and load menu page. If login was sucesseful a session is
created. Here is the code where that happens.
private void login(HttpServletRequest request, HttpServletResponse
response)
throws ServletException, IOException, SQLException, LoginException {
PrintWriter out = response.getWriter();
Connection con = utils.connectDatabase();
User user = new User(con);
if (User.validateAndGetGroupId(userId, password)) {
String groupId = User.getGroupId();

if ((startupMenu == null) | | (startupMenu.equals("")))
startupMenu = "D_AdminMainPage.htm";
out.print(utils.loadURL(startupMenu));
session = request.getSession(true);
session.setAttribute("USERID", userId);
Utils.log("__________________________SESSION CREATED.");
}
con.close();
}
Once the menu page is there user can make selection where to go. Once the
selection is made another servlet is called. That servlet will veryfy the
existance of the session then use getAttribute("USERID"); to determine what
actions user can perform.
Now, problem is that session here is always null. I want to get session
previous servlet has created, if there isn't one i don't want to create new
one.
/**Process the HTTP Post request*/
public void doPost(HttpServletRequest request, HttpServletResponse
response) throws ServletException, IOException {
session = request.getSession(false);
response.setContentType(CONTENT_TYPE);
PrintWriter out = response.getWriter();
String page = request.getParameter("GOTO");
String pageName = page + ".htm";
Utils.log("=========================Session="+session);
if (session == null)
utils.errorPage(out, "Invalid session credentials.<br>Please return
to the login page for new login"
+ "<br><a href='index.htm'>Log in here</a>");
else
try {
utils = new Utils();
out.print(utils.loadURL(pageName));
}
catch(Exception e) {
utils.log("AdminMenuServlet.doPost.EXC-1", e);
utils.errorPage(out, "<br>Ooops! An unexpected error occured. Who
did this?!?!?!");
}
}
I have tried this on Weblogic as well as on tomcat and it's doing same
thing. Browser IE5.5.
Any help is greatly appreciated.

Thx, m, phx
 
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Two things, firstly I'd make sure you don't have cookies disabled in you browser (this is the primary mechanism for handling sessions).
Secondly you can try a URL rewiting version to get around the cookie problem using javax.servlet.http.HttpServletResponse.encodeRedirectURL(String)
Dave.
 
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello David,
As far as I know using cookies is one way of storing data in a session. Even if a browser has disabled cookies it mustn't effect session.
Smita
 
author
Posts: 3252
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Smita Tyagi:
Hello David,
As far as I know using cookies is one way of storing data in a session. Even if a browser has disabled cookies it mustn't effect session.


Sessions completely depend on cookies unless you let the servlet engine rewrite the URLs used in your application's hyperlinks by calling HttpServletResponse.encodeURL() on each and every URL.
- Peter
 
Did Steve tell you that? Fuh - Steve. Just look at this tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic