Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

HttpSession  RSS feed

 
Vub bhat
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How to assign one Httpsession to another so that attribute set for the first one can be get for the second.

Any help is greatly appreciated.
 
Pradeep bhatt
Ranch Hand
Posts: 8933
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am not sure whether I understood your question. Are you asking how to retrieve a value set in one httpsession and put it in another ? If yes , it is not possible to do that directly. At a time you can access only one httpsession at a time. You may have to store the value in some temp location and when the request for the 2nd session comes up retrieve the value from the temp location, then store the value.
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Pradeep Bhat:
I am not sure whether I understood your question. Are you asking how to retrieve a value set in one httpsession and put it in another ? If yes , it is not possible to do that directly. At a time you can access only one httpsession at a time. You may have to store the value in some temp location and when the request for the 2nd session comes up retrieve the value from the temp location, then store the value.


Or store the whole session object in some temp location and assign that to the other session when it is time.

But then you have to takecare of session invalidation stuff.
[ April 09, 2005: Message edited by: Adeel Ansari ]
 
Pradeep bhatt
Ranch Hand
Posts: 8933
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Adeel Ansari:


Or store the whole session object in some temp location and assign that to the other session when it is time.


I dont think it is going to work. The reference to httpsession is maintained by the servlet container and not by our code. Let us you do

session = request.getSession(..);

session = getFromTempLocation();
session.setAttribute("name","pradeep");

The 2nd line changes the value of your reference to session and not the container's copy. I hope you understood.
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry if I am mistaken. But I didn't understand. If we do like



Is there any problem, except what I have already mentioned?
 
Pradeep bhatt
Ranch Hand
Posts: 8933
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Adeel Ansari:
Sorry if I am mistaken. But I didn't understand. If we do like



Is there any problem, except what I have already mentioned?


I dont think that the original poster wanted to store the whole session in another session but just the attributes,. :roll:
 
Shailesh Chandra
Ranch Hand
Posts: 1082
Java Oracle Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Vub bhat:
How to assign one Httpsession to another so that attribute set for the first one can be get for the second.



what about getServeletContext().setAttribute("myAttribute",myObject);
and getServeletContext().getAttribute("myAttribute");

Shailesh
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Shailesh Chandra:
what about getServletContext().setAttribute("myAttribute",myObject);
and getServletContext().getAttribute("myAttribute");


It should be like that, indeed. Store the object at servlet context, so it would be accessable to all.

Didn't mention it because thinking original poster knows this as well.
[ April 09, 2005: Message edited by: Adeel Ansari ]
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry if I am mistaken. But I didn't understand. If we do like
code:
session = request.getSession(false);
otherSession = getFromTempLocation();
session.setAttribute("otherSession",otherSession);
Is there any problem, except what I have already mentioned?

You bet there is a problem
HttpSession objects are managed by the servlet container, you should never try to save them in your own code. As everybody has already said, you should concentrate on storing and retrieving your own object references.
Bill
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by William Brogden:
You bet there is a problem
HttpSession objects are managed by the servlet container, you should never try to save them in your own code. As everybody has already said, you should concentrate on storing and retrieving your own object references.


I didn't really mean to do that. I know it is not considered as a best practice, I was just discussing one more option. It sounded fishy to me, though. But I dont know what kinda problem would be? Anybody please.
[ April 11, 2005: Message edited by: Adeel Ansari ]
 
Pradeep bhatt
Ranch Hand
Posts: 8933
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Adeel Ansari:


I didn't really mean to do that. I know it is not considered as a best practice, I was just discussing one more option. It sounded fishy to me, though. But I dont know what kinda problem would be? Anybody please.

[ April 11, 2005: Message edited by: Adeel Ansari ]



problem ? The problem is You would be managing/working on you copy of the HttpSession and the not the containers. Remember that it is the container which manages session objects and they hold the reference. If you reassign the reference obtained from the container to some object , you would be working on your copy of http session. If you set some attribute on your session object you wont see the changes the next time because the changes were not made on the object managed by the container but on your local copy which ofcourse would not be available in your next request. Hope this helps.
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Pardeep.

Just look at the following code.



Is this really a copy not the original one?
 
Pradeep bhatt
Ranch Hand
Posts: 8933
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Adeel Ansari:
Thanks Pardeep.

Just look at the following code.



Is this really a copy not the original one?


It is the real one. In case you do this,

myCopy = getFromDisk()//For e.g. if you are trying to get value from secondary storage.

What happens above is myCopy would be pointing a new object because of the assignment and the container is not aware of it. The containers copy is different.

The above eg. is simliar to what happens when you pass a reference to a method and in that method you assign the reference to a new object.
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ok. We are all saying the samething. I am talking to store the session object in application context and then bind that to someother session. In this case all would be fine. Now I got you people, why you were saying that they would be two different copies. All clear. Sorry for the confusion.

I have done this before. I stored all the session objects inside the application context and the app was working like champ.
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


All confusion is because of this block of code. My mistake I haven't considered your temp location and just used it. Pardon.

 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have done this before. I stored all the session objects inside the application context and the app was working like champ.

When the servlet container timed out and invalidated the session, what did you do?
Please note - when talking about Java objects it is important to distinguish between the object and the reference. You did NOT store objects in the context, you stored REFERENCES - references that were also held by the servlet container. [picky-mode]
Casually saying that you "pass an object" or "store an object" can lead to misunderstanding. [/picky-mode] As seen in some of the earlier discussion that appeared to assume you actually had a copy of the session object when what you had was a copy of the reference.
Bill
 
Yuriy Zilbergleyt
Ranch Hand
Posts: 429
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For our application we are thinking of storing a userId->Session Map in the servlet context. That way if a user tries to start a second session this is noticed and the first session will be invalidated. Or possibly the user will get an option of whether or not to invalidate the first session, but probably not. A listener will determine when a session has timed out and remove the entry from the Map if it exists there. Of course there will be some synchronization issues and the need to tell whether the session has actually timed out or been forcefully invalidated and replaced by a new session, but that shouldn't be to hard.

Is there some problem with any of the above that I am not aware of?

-Yuriy
 
Ganesh Gowtham
Ranch Hand
Posts: 225
IBM DB2 Eclipse IDE Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by William Brogden:

When the servlet container timed out and invalidated the session, what did you do?
Please note - when talking about Java objects it is important to distinguish between the object and the reference. You did NOT store objects in the context, you stored REFERENCES - references that were also held by the servlet container. [picky-mode]
Casually saying that you "pass an object" or "store an object" can lead to misunderstanding. [/picky-mode] As seen in some of the earlier discussion that appeared to assume you actually had a copy of the session object when what you had was a copy of the reference.
Bill



Bill are u sure that all data that we are intended to store or storing (having only refernce with servlet container)
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For our application we are thinking of storing a userId->Session Map in the servlet context.


Here is what I would do - create an object that holds all user related data - make sure it is serializable - make it implement SessionBindingListener and save a reference in the session and in the ServletContext Map keyed by the userId like you said. That way your object will be notified when the session times out and you can serialize it or whatever.
The big difference is you are NOT storing a separate reference to a HttpSession managed by the container, but a reference to an object that you manage.
Bill
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by William Brogden:
When the servlet container timed out and invalidated the session, what did you do?


Thanks, William.
I know that and I did takecare of it. I implemented HttpSessionListener to hear those kinda events. Moreover, the problem you mentioned already mentioned by me in my very first post.

Now it is necessary and relevent to tell why I store the session objects in application context. I need to provide a functionality to kill any users' session. I implemented HashMap, it is serialized.


Please note - when talking about Java objects it is important to distinguish between the object and the reference. You did NOT store objects in the context, you stored REFERENCES - references that were also held by the servlet container.


Agreed. Its basic.
Thanks anyway.
[ April 12, 2005: Message edited by: Adeel Ansari ]
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Casually saying that you "pass an object" or "store an object" can lead to misunderstanding.


Quite right. I understood. Actually I am not an english native, so please pardon.
Thanks for pointing out, i'll definitely takecare next time.
 
Yuriy Zilbergleyt
Ranch Hand
Posts: 429
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here is what I would do - create an object that holds all user related data - make sure it is serializable - make it implement SessionBindingListener and save a reference in the session and in the ServletContext Map keyed by the userId like you said. That way your object will be notified when the session times out and you can serialize it or whatever.

But then how do I force-invalidate an old session when the user starts a new session while the old one is still valid?

Yuriy
 
Adeel Ansari
Ranch Hand
Posts: 2874
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Yuriy Zilbergleyt:

But then how do I force-invalidate an old session when the user starts a new session while the old one is still valid?


In my case we have an interface where all the sessions are listed along with the related information. Active sessions are indicated with a green sign and inactive are with grey sign, based on log out time. If the admin looks two sessions belongs to the same user and both sessions are active, means no logout time given, then the admin can kill the first one. I maintained the Map using sessionId, my own unique key, as a map key.

Moreover, as you are maintaining a Map using UserId as a key, then you can do whatever you want to at the time of his/her login.

- Display a message like, "Already logged in from somewhere else""
- Let him/her log in, then merge the sessions
- Let him/her log in, and invalidate the previous session
- etc...
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But then how do I force-invalidate an old session when the user starts a new session while the old one is still valid?

I think that would depend on how you detect the fact that a user already in the system is trying to start a new session and what your policy is for having two simultaneous sessions.
If you have all the user's data in an object that you control, you can do anything you want.
Bill
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!