Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!

C Martes

+ Follow
since Sep 21, 2010
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by C Martes

By tedious, I meant that because I'm new at Java, it seemed plausible that what I came up with on my own was less-than-optimal. I don't mind doing the work if it's the appropriate way to do it. I was just hoping for an opinion on an appropriate method (maybe either validation that my suggestion seemed appropriate or a suggested improvement).

Thanks in advance if any of you can recommend one (and thanks for the other replies too).
11 years ago
Don't get me wrong. I think the head first concept (visual examples that parallel real world) are great.

But as I recall, most (maybe all?) of the end of chapter exercises don't involve you coding and compiling. I'm not saying you don't write any code. It's just not integral to the text like it is in other books.

If you're an experienced programmer, maybe it doesn't matter that much. But I got much more out of other books that had you constantly writing and compiling all the way through.

As for the end of chapter exercises, I personally got nothing from trying to write code to produce nonsensical output (like a random sequence of numbers). I found most other texts work through more pactical examples that for me do a better job of illustrating the concepts taught.

But to each his own. There are like a million people on Amazon who wrote favorable reviews of the HF book. I just personally got more out of others.
11 years ago
Just commiserating.

From one greenhorn to another, it's bewildering how many different frameworks and such there are to learn everywhere you turn. It's hard for me to get through a single good tutorial without running down all sorts of other trails to just understand what certain acronyms mean (not even how such a framework or toolset works).

But one thing I have definitely found is that osmosis over time is having an effect.

Personally, I found the Head First Java book leaving me scratching my head a lot. It started off super slow when talking about OO stuff. But I got about 1/2 way thru the book and realized that if an intruder broke into my house and said I had to compile one single java class or else he'd shoot me...well, I wouldn't be typing.

I found the Sams Teach Yourself Java in 24 Hours a much more hands on book. Not as detailed in some areas, but it makes you code every single hour. In the Head First book, I got absolutely nothing out of those stupid code examples whose goal is to produce output like 9, 212, 5, e, 84.2. There's no logical reason to write a program to do that so the thought process you have to go through to "fill in the missing snippets" just hones your trial-and-error skills.

If you like web stuff, I have enjoyed Murach's Servlets and JSP's.

Also, if you use NetBeans, there is an OUTSTANDING ecommerce tutorial...probably the best tutorial I have gone through.

Best of luck.
11 years ago
Unless the visitor has just arrived at the site, right? Their first page request will not have the cookie, but that doesn't mean that cookies are disabled.

So if you get a request that has no cookie, EITHER the visitor just arrived at the site OR they have cookies disabled (or both). But to know for sure, don't you require an added check?
11 years ago
Thanks Abimaran. Clarification question though:

- we call request.getSession() --> session created
- container sends response with session ID (but let's say we don't use response.encodeURL()).
- user doesn't accept cookies so no cookie written
- In the next request from the client, the session ID is not in the header and no cookie is sent
- the next call to request.getSession() just starts the process all over again

In this scenario, the state never gets "conversational". I follow your logic when you use URL Rewriting. But if you don't use that backup method, it seems that somewhere in the flow you have to have a "check" to see whether cookies are being saved. Otherwise, in something like a shopping cart, the app would never remember what's been added.

So I guess the question is, if one chooses not to use URL rewriting (and doesn't use client-side testing with something like JavaScript), how/where would one test for and notify the user about the need for them to enable cookies?

Thanks in advance.
11 years ago
I'm trying get better clarity on the use of cookies in session management. Sorry for such a long post.

I understand (reasonably well) the pros and cons of using cookies vs URL rewriting for session management. I also have an ok understanding of how to code URL rewrites into the tags to ensure that backup method is correctly used.

My question is how things should be handled if one chooses to rely ONLY on cookies. One of the disadvantages of URL rewriting is security related (and not the purpose of my post).

Here's an example of the behavior I'm interested in duplicating. I was working through a Java tutorial last night and as part of the tutorial, I was instructed to disable cookies in my browser. So I did that and went on with the tutorial. I tabbed over to check my email (Google Apps Gmail) and my mailboox had already been redirected to a new screen telling me that I had to turn cookies on.

So Google seems to have a "listener", always listening for whether cookies are enabled and the minute it detects that they aren't it redirects program flow to notify the user.

My application that I'm working through is a standard eCommerce application. What I'm wondering is how to employ a cookies-only approach to session management. I'll politely request that you not try to convince me otherwise...I may still use URL rewriting as a backup. The purpose of my question is to learning about how to monitor whether cookies are enabled.

So, one method I thought of was to have a servlet whose sole job is to detect whether cookies are enabled, maybe using a method I'd write like CheckCookiesEnabled(). It could do this by writing a test cookie and reading it. Then, prior to any action that depends on continuity of the session, I call that method first. If cookies are still enabled, I let flow continue on to the intended action. If not, I redirect to a Google-like page that asks the user to turn cookies back on.

But this seems awfully tedious.

Then I thought about doing this just on the root url and treat it like a "gate". Users would only get thru the gate if cookies were enabled. The problems I saw with this option though are (A) what if a user bookmarks a page beyond the gate and has cookies disabled and (B) what if a user turns cookies off after passing the gate.

So it seems that to have a really robust application, I'd need to always know for sure that cookies are enabled.

Would an appropriate strategy be to assume that cookies are enabled and, whenever I need to store something in the session, use the request.getSession(false) method? If it returns not-null, I can continue on with program flow (knowing that cookies are enabled, because they HAVE to be enabled for the incoming request to be assosiated with an existing session, right?). If it returns null, I could at that point check whether cookies are enabled with my CheckCookiesEnabled() method.
11 years ago