Getting Data anywhere By storing in Session

Hi All,

I've sample code of jsp and servlets. Below is my code.

Index.html

<!DOCTYPE html> <html> <head> <meta charset="ISO-8859-1"> <title>Insert title here</title> </head> <body> <form action="AnnotationServlet"> Enter Your name: <input type="text" name="name"/> Enter Your Age: <input type="text" name="age"/> <input type="submit" title="Submit"/> </form> </body> </html>

welcome.jsp

<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Insert title here</title> </head> <body> <h3>Hi Mr. <%= request.getSession().getAttribute("name") %>. Your Age is <%= request.getSession().getAttribute("age")%>. </h3> </body> </html>

AnnotationServlet.java
package com.dioxe; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * Servlet implementation class AnnotationServlet */ @WebServlet("/AnnotationServlet") public class AnnotationServlet extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { System.out.println("In doGet method"); String name = request.getParameter("name"); String age = request.getParameter("age"); HttpSession session = request.getSession(); if ( name != "" && age != "" && name != null && age != null ) { session.setAttribute("name", name); session.setAttribute("age", age); } response.sendRedirect("welcome.jsp"); } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { System.out.println("In doPost method"); } }

Now I want to store those username and age(in .html) somewhere and I want those information in welcome.jsp. Now, I'm storing all those in session itself(In doGet method(servlet)). I think, there may be still better and good way to store. Please can anyone suggest me, with proper explanation.

2 Doubt) Also, when I get the session in servlet HttpSession session = request.getSession(); line No. 27. The session value is

org.apache.catalina.session.StandardSessionFacade@69a8bf4f

. I'm expecting that session is to be empty. Because, I dint store anything until that line. Please explain me this too.

Thanks
Ramakrishna K.C

For starters, you should never handle a login via GET - it transfers parameters in the URL, and thus makes the password visible in all kinds of places where it should not be visible. Very bad.

I'm expecting that session is to be empty. Because, I dint store anything until that line.

You're assuming that the toString method shows the contents of the session - it does not. See the javadocs of the HttpSession class to learn about the various methods you can use to examine the session's content.

if ( name != "" && age != "" && name != null && age != null )

Never compare strings using "==" or "!=", use the "equals" method instead. And when you do that, you'll find that that you need to check for null before using equals.

For starters, you should never handle a login via GET - it transfers parameters in the URL, and thus makes the password visible in all kinds of places where it should not be visible. Very bad.

Yeah. I got that. Just for quick post I typed dummy prog.
Thanks for your suggestion.

Never compare strings using "==" or "!=", use the "equals" method instead

Yeah. equals method is right. But, != comparison also wrong?

Now I want to store those username and age(in .html) somewhere and I want those information in welcome.jsp. Now, I'm storing all those in session itself(In doGet method(servlet)). I think, there may be still better and good way to store. Please can anyone suggest me, with proper explanation.

This is my main Problem.

Thanks

But, != comparison also wrong?

Yes, it's the same as with "==".

I think, there may be still better and good way to store.

Why do you think that? In which way would you like to improve on it?

like, If I have more and more parameters.. then I can't store all those in session right? I mean, its not good right?

The answer, as always, is: it depends. 10 attributes per user of 100 bytes each with 1000 concurrent sessions - no problem. 100 attributes per user of 1000 bytes each with 1000 concurrent session - maybe a problem, but probably not (code that deals with 100 session attributes per user is likely badly designed, though).

so.. No need to worry? This code is right? I've to store all attributes in session itself, causes no problem?

You missed my point: it depends on the quantity of data per user, and the number of concurrent users. (And, of course, on the amount of memory allocated to the JVM.) Having two simple attributes per user -like in the code you showed- should be fine.

Another question to consider:

How long will this data be needed in your application?

If only for a single session then that is exactly what HttpSession is for. All data will be "forgotten" when the session times out after the user is finished.

If for an extended relationship then you obviously need a long term storage solution.

Bill