InfoCenter Home > 4.4.1.1: Session programming model and environmentThe session lifecycle, from creation to completion, is as follows:
The steps are described in detail below. This information, combined with the coding example SessionSample.java, provides a programming model for implementing sessions in your own servlets. It is also recommended that you read the topics listed in the related information. They can influence how you implement sessions in your own servlets. Lifecycle in detail
To obtain a session, use the getSession() method of the javax.servlet.http.HttpServletRequest object in the Java Servlet 2.2 API. When you first obtain the HttpSession object, the Session Manager uses one of three ways to establish tracking of the session: cookies, URL rewriting, or SSL information. See section 4.4.1.1.1 for a discussion to help you decide which is more appropriate for your situation. Assume the Session Manager uses cookies. In such a case, the Session Manager creates a unique session ID and typically sends it back to the browser as a cookie. Each subsequent request from this user (at the same browser) passes the cookie containing the session ID, and the Session Manager uses this to find the user's existing HttpSession object. In Step 1 of the code sample, the Boolean(create) is set to true so that the HttpSession is created if it does not already exist. (With the Servlet 2.2 API, the javax.servlet.http.HttpServletRequest.getSession() method with no boolean defaults to true and creates a session if one does not already exist for this user.) After a session is established, you can add and/or retrieve user-defined data to the session. The HttpSession object has methods similar to those in java.util.Dictionary for adding, retrieving, and removing arbitrary Java objects. In Step 2 of the code sample, the servlet reads an integer object from the HttpSession, increments it, and writes it back. You can use any name to identify values in the HttpSession object. The code sample uses the name sessiontest.counter. Because the HttpSession object is shared among servlets that the user might access, consider adopting a site-wide naming convention to avoid conflicts. In order to provide feedback to the user that an action has taken place during the session, you may wish to pass HTML code to the client browser that indicates that an action has occurred. For example, in step 3 of the code sample the servlet generates a Web page that is returned to the user and displays the value of the sessiontest.counter each time the user visits that Web page during the session. Objects stored in a session that implement the javax.servlet.http.HttpSessionBindingListener interface are notified when the session is preparing to end, that is, about to be invalidated. This notice enables you to perform post-session processing, including permanently saving to a database data changes made during the session. You can end a session: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|