Home
HttpSession interface
December 28, 2013
No Comments

HttpSession interface

The HttpSession object represents a user session. A user session contains information about the user across multiple HTTP requests.When a user enters your site for the first time, the user is given a unique ID to identify his session by. This ID is typically stored in a cookie or in a request parameter.

Here is how you access the session object:

  • public HttpSession getSession():Returns the current session associated with this request, or if the request does not have a session, creates one.
  • public HttpSession getSession(boolean create):Returns the current HttpSession associated with this request or, if there is no current session and create is true, returns a new session.

 

protected void doPost(HttpServletRequest request,
    HttpServletResponse response)
        throws ServletException, IOException {

    HttpSession session = request.getSession();
}

You can store values in the session object, and retrieve them later. First, let’s see how you can store values in the session object:

session.setAttribute("userName", "theUserName");

To read the value again, you do this:

String userName = (String) session.getAttribute("userName");

Values stored in the session object are stored in the memory of the servlet container.

An object of HttpSession can be used to perform two tasks:

  1. bind objects
  2. view and manipulate information about a session, such as the session identifier, creation time, and last accessed time.
HttpSession interface

Commonly used methods of HttpSession interface

  1. public String getId(): Returns a string containing the unique identifier value.
  2. public long getCreationTime(): Returns the time when this session was created, measured in milliseconds since midnight January 1, 1970 GMT.
  3. public long getLastAccessedTime(): Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT.
  4. public void invalidate(): Invalidates this session then unbinds any objects bound to it.

Sessions and Clusters

If you have an architecture with 2 web servers in a cluster, keep in mind that values stored in the session object of one server, may not be available in the session object on the other server. So, if a user’s requests are divided evenly between the two servers, sometimes session values may be missing.

The solution to this problem would be one of:

  1. Do not use session attributes.
  2. Use a session database, into which session attributes are written, and from which it is read.
  3. Use sticky session, where a user is always sent to the same server, throughout the whole session.

 

 

<<Previous <<   || Index ||   >>Next >>

 

 

Previous
Next
Servlet

Related Posts

About The Author

Dinesh Rajput

Dinesh Rajput is the chief editor of a website Dineshonjava, a technical blog dedicated to the Spring and Java technologies. It has a series of articles related to Java technologies. Dinesh has been a Spring enthusiast since 2008 and is a Pivotal Certified Spring Professional, an author of a book Spring 5 Design Pattern, and a blogger. He has more than 10 years of experience with different aspects of Spring and Java design and development. His core expertise lies in the latest version of Spring Framework, Spring Boot, Spring Security, creating REST APIs, Microservice Architecture, Reactive Pattern, Spring AOP, Design Patterns, Struts, Hibernate, Web Services, Spring Batch, Cassandra, MongoDB, and Web Application Design and Architecture. He is currently working as a technology manager at a leading product and web development company. He worked as a developer and tech lead at the Bennett, Coleman & Co. Ltd and was the first developer in his previous company, Paytm. Dinesh is passionate about the latest Java technologies and loves to write technical blogs related to it. He is a very active member of the Java and Spring community on different forums. When it comes to the Spring Framework and Java, Dinesh tops the list!