• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Paul Clapham
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Liutauras Vilda
Saloon Keepers:
  • Tim Holloway
  • Carey Brown
  • Roland Mueller
  • Piet Souris
Bartenders:

Regarding session in JSPs, a question from Enthuware Mock Exam

 
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The following is a question from Enthuware Mock Exam:

The correct answer is "It will print Hello and will set the count attribute in the session."
I answered: "It will throw a NullPointerException at request time."

The explanation the tool gives for the correct answer is:
Explanation:
---------------------------
Had this code been in a regular servlet like this:

It would have thrown an NullPointerException as request.getSession(false) would have returned null (since this is a first ever request to the servlet container.)

However, in case of JSP pages, the session is automatically created by default. I.e. <%@ page session="true" %>
---------------------------

I wasn't convinced with the explanation and hence I tried creating a JSP and it worked as per the given comments. I also observed the servlet code resulting from translating the JSP (which said HttpSession session = pageCotext.getSession()). For the session attribute of page directive, the spec says:

If true then the implicit script language variable named session of type javax.servlet.http.HttpSession references the current/new session for the page.


But I fail to understand why a JSP is given a session object when it has not been explicitly "requested" by a developer; and what does it mean to have a new session just for the page? And given that, does a request to any JSP automatically associate a session with the client, even when there is no need to have a notion of "state"?

Regards,
Prashant
 
Sheriff
Posts: 9709
43
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This is given in the spec itself, I think you missed it

JSP Spec wrote:page directive session attribute
If true then the implicit script language variable named session of type javax.servlet.http.HttpSession references the current/new session for the page.
If false then the page does not participate in a session; the session implicit variable is unavailable, and any reference to it within the body of the JSP page is illegal and shall result in a fatal translation error.
Default is true.


So if you don't specify the session attribute in a JSP page, it will automatically create a session object. To stop the JSP from doing so, you'll have to explicitly set the session attribute of the page directive to false...
 
Prashant Shiralkar
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I did go through the spec, and I am convinced why that answer is what it is, but I don't see, from a design viewpoint, why a "new" session object is automatically available to all JSP pages with no existing session AND default value of "true" for the session attribute in the page directive.

Does it mean the JSP page which encounters this kind of code for the first time from a new user is the initiator of a new session for the user? or rather put another way - Is this session available to other resources for further requests from the same user?

If not, what use is a new session meant just for a JSP page, if its really not involved in any state maintenance and which ultimately is going to get destroyed at the end of _jspService method?
 
Ankit Garg
Sheriff
Posts: 9709
43
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Is this session available to other resources for further requests from the same user?


Yes, this is a normal session so once a session is created for a user, further requests from the same user will use the same session...
 
Creator of Enthuware JWS+ V6
Posts: 3412
320
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Prashant,

but I don't see, from a design viewpoint, why a "new" session object is automatically available to all JSP pages with no existing session AND default value of "true" for the session attribute in the page directive.


You should look at it as a convenience to the developer. The JSP (view) is normally where you show the results of the request being made. Often you want to show values of attributes which are stored in the Session object so you would have repeating code in the JSPs to get hold of the Session object.

Regards,
Frits
reply
    Bookmark Topic Watch Topic
  • New Topic