• Post Reply Bookmark Topic Watch Topic
  • New Topic

Is HTTPSession Serializable?  RSS feed

 
Kala Saseendran
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am learning few concepts in servlets. And i came across this doubt. We used to send data over network using httpsession as below.



And get the data in JSP with below code


How ever i am not sure whether HTTPSession is serializable or not.

Can some one explain how HTTPSession works?



 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 37181
515
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Kala,
You aren't actually sending the session over the network in that example. JSPs are rendered on the server. Which is where the HttpSession is stored in memory.

HttpSession is sometimes serialized for "session persistence". This is used for failover between different servers. The answer to whether HttpSession is serializable is "maybe". It depends on the implementation. It also depends on what you put in the session. If you put in objects that aren't serializable, the session isn't going to be serializable.

Luckily, session persistence is a more advanced concept and you don't have to worry about it yet.
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HttpSession objects are supposed to be managed by the server - you should not be messing with them outside of the standard servlet API.

If you need to move copies of collections of objects around the network, thats what the collection classes are for - HashMap for example. An HttpSession is just a collection plus management variables.

Bill
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 66152
146
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you want more info on JSP, please read this article.

And, you should not be putting Java code in your JSP. That's an obsolete and outdate practice.
 
Tim Holloway
Bartender
Posts: 18662
71
Android Eclipse IDE Linux
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HttpSession is an interface, not a concrete class, which makes it inherently unserializable. That's also true of SQL Connection, despite some people's attempts to incorrectly stuff Connections into HttpSession.

Every webapp server's concrete implementation of HttpSession is likely to be different. So you'd have to obtain that server's concrete instance of HttpSession (via a cast) before you could even begin to think about serializing it. And there's no absolute guarantee that the concrete httpsession object class implements java.io.Serializable.

In practical terms, it's common for webapp server clusters to serialize sessions and pass them back and forth between server instances (VMs). And/or to cache them to disk in order to save RAM. But web applications shouldn't depend on this being the case. As William says, you shouldn't be playing with them directly.

Session objects are different. An HttpSession holds a Map of session name/value object pairs, accessed via the HttpSession get/setAttribute methods. Those session objects must implement java.io.Serializable. Some webapp servers will get very annoyed if you try and store a non-serializable object in a session attribute.
 
Kala Saseendran
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks all for the information shared.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!