Session is not preserverd whn sendRedirect is used ???

Hi,

Guys i found the following quote in one of the forums, and am not convinced with this statement, let me know if this is true, plzz

When you forward the request with requestDispatcher.forward the target servlet/JSP share the same session. But with sendRedirect the session information is not preserved. ( target is not in scope of session)

-Tripter

hi,


No that statement is wrong as my knowledge goes.
i have worked with the servlets and used the sendredirect mechanism, and the session info is preserved there, im able to get the session object from there also


regards,
aadi

As far as I am aware it is wrong. The only condition I can think where it may be correct is the situation where the sendRedirect is the response to the first request, and this response is also the one trying to set the session cookie. I'm not convinced but it may be possible.

eg.
Session session = request.getSession(); response.sendRedirect("/somewhere.else");

In this case the instruction either may not be sent or accepted and hence the session would not be created , but but I'm not sure, and I'm not convinced.

Like I said, sounds wrong.

It looks like a typo error. It seems that the para refers to the requst scope rather than session.

Hi,

Thanks for sharing your views guys!!

-Tripter

Hello

Check the thread again. It is correct.

https://coderanch.com/t/170618/java-Web-Component-SCWCD/certification/sendRedirect-Vs-requestdispatcher-forward

OK, I see where the confusion is coming from. The quote is not correct, or in the very least worded very badly. But I think I understand what the author was trying to get at.

If you use sendRedirect to redirect the user to a different context, i.e. a different application, of course the session information is not preserved. It would be meaningless because sessions are tied to a specific context. (for example, my session information from javaranch would have no meaning if I decided to go to yahoo)

However, using sendRedirect within the same context works perfectly. The author of the previous quote mistakenly implies that sendRedirect is only used when changing contexts, however, this is not the case. There are times when it is advisable to redirect within the same context. For example, if you need to send the user to a new page, but wanted to maintain the previous page's URL inthe browser cache.

Another case when the redirect is to switch to different protocol http to https.

if you need to send the user to a new page, but wanted to maintain the previous page's URL in the browser cache.

Don't you think for this you need to go for RequestDispatch rather than sendRedirect?

Don't you think for this you need to go for RequestDispatch rather than sendRedirect?

My mistake (early morning here ) I should have said "if you need to send the user to a new page, and wanted to maintain both the previous page's URL and the new page's URL in the browser cache."

Another case when the redirect is to switch to different protocol http to https.

What would happen in above situation - sendRedirect() to same context but changing to ssl. I dont know about SSL much but its seems that it has some built-in facility to identify clients. And in that a case, a newly created SSL session should be considered as some new session. Am I right?