Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

request.getSesion(false) problem  RSS feed

 
Neeraj Vij
Ranch Hand
Posts: 315
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Flow of the application is.

loginServlet->role.jsp.

role.jsp contains has a html file as it's top frame.In this html file, there are few link's to different jsp's.

When I click one of those links and visit the required jsp.

when I do sess = request.getSession(false); in that jsp.

session returns null.

is it bcoz of the frame file being a html file, it is unable to carry forward the session.

fast response will be a great help.

Regards,
Neeraj.
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
may be, not sure. you can try after changing the extension of your top frame file to .jsp.
 
Nitin Dubey
Ranch Hand
Posts: 126
Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Try using request.getSession(true). It is safer to use as I doubt that a session is already created in your case. Cross check it by storing some value in the user session first and then try to retrieve it in the desired page. request.getSession(true) will return the existing session if 1 is there else it will create a new session and it is returned. request.getSession(false) will return null if there is no session for the client. The boolean value passed to the getSession() method is create flag for session.

Nitin Dubey
 
Neeraj Vij
Ranch Hand
Posts: 315
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the inputs.

Nitin, That's wat the application is trying to achieve, if the request is not from the same session redirect it to login page again.

neeraj.
 
Neeraj Vij
Ranch Hand
Posts: 315
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
but I am still clueless why it is getting session==null

neeraj.
 
Murthy Cherukumilli
Ranch Hand
Posts: 45
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
okay first thing is , unless your apllication wants to participate in the session your session is not created. the first time when a session gets created for your application is when you call the getsession() or getsessio(true) which indicates your webserver that this application is participating in the session.

As you said the whole purpose is to see if they belong to same session use a getsession() and then you can use the session.getId() and compare the session ids.
 
fdsafsdaf
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I steer my developers away from using the request.getSession() without using the boolean create qualifier. Using .getSession(true) at application entry points and thereafter only using .getSession(false) allows greater control over when a user gets a valid session.

If .getSession() is used throughout the application, it may result in user obtaining a valid session when they shouldn't.

TIP: A test for valid session should NOT consist of simply:
if ( request.getSession(false) != null ). It is better to look for the presence or absence of application-specific objects within the session to determine if session is valid.
[ October 28, 2004: Message edited by: G Hamer ]
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!