• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

How to validate user's session while accessing other pages?

 
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi I have 2 servlets, Authentication Servlet and Application Servlet. I am checking user credentials against active directory (LDAP). Upon successful login attempt, user is redirected to the right welcome page. In the welcome page, I have a form with a submit button. When the user submits the form, it will hit the Application Servlet's doPost(). My question is, how will i check if the user's session is active before serving the form request?

I only have the session object available in Authentication Servlet, but my application Servlet does not know about it. Do i need to maintain any persistance in my code apart from the HttpSession's API? Can someone help me?

Thanks
 
Saloon Keeper
Posts: 7645
178
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
An HttpSession is valid and accessible for all servlets that are part of the same web app, not just the one that started it. Have you tried accessing the session from the other servlet?
 
Viswa Rama
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Tim,

Thanks for your quick reply and it was a good piece of information.

I am able to see the session object in the other servlet. So the httpsession's scope is across webapp, not just servlet cool.

Thank you so much.
 
Bartender
Posts: 2856
10
Firefox Browser Fedora Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Viswanadh Ramadugu wrote:Tim,

So the httpsession's scope is across webapp, not just servlet cool.


This statement is a bit confusing because yes, the session object is accessible for all the resources that the web-app has. But that does not mean that scope of the session is same as the application scope.
The session object is destroyed with the session. Also there are multiple session objects which are mutually exclusive. That means if I store a certain value in one user's session object, I cannot access it from other user's session object.
Both the above mentioned things can be done by a application context object, which has the widest scope in the web-app.
 
Viswa Rama
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Amith,

I am in the page same page. May be my wordings are little amateur. Your explanation gives a lot of clarity though.

Thank You
 
You've gotta fight it! Don't give in! Read this tiny ad:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic