• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

doubts in session

 
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

On getting the first request from the user
request.getSession() creates a unique sessionID and adds to response object as cookie header
and sends it back to the browser with response
On subsequent requests from the same user it identifies the user through sessionID received through the request..



My question is
1. Is the sessionID(the same one) is added to the response on 2nd and 3rd and... response to browser or on only the first response ??.
2. If we call session.invalidate() then what is actually destroyed. How does the browser know that session has been invalidated if he does not get any hint from response object?? (if the answer to Q 1 is -ve)
3. Does the container automatically send new sessionid after session.invalidate() method has been called??

THERE ARE NO DUMB QUESTIONS....HFSJ



 
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

muktesh tripathi wrote:
1. Is the sessionID(the same one) is added to the response on 2nd and 3rd and... response to browser or on only the first response ??.


Only if the request doesn't contain any cookie with the session ID nor the jsessionid attachment in the request URI.


2. If we call session.invalidate() then what is actually destroyed. How does the browser know that session has been invalidated if he does not get any hint from response object?? (if the answer to Q 1 is -ve)


The session ID is also stored on the server side. If it isn't present, a new one will be created, hereby setting/overriding the cookie.


3. Does the container automatically send new sessionid after session.invalidate() method has been called??


When the session is needed, yes.

THERE ARE NO DUMB QUESTIONS....HFSJ


Uhm, OK.
reply
    Bookmark Topic Watch Topic
  • New Topic