About this task
This information,
combined with the coding example SessionSample.java,
provides a programming model for implementing sessions in your own
servlets.
Procedure
- Get the HttpSession object.
To obtain
a session, use the getSession method of the javax.servlet.http.HttpServletRequest
object in the Java Servlet 3.0 API.
When you first obtain the
HttpSession object, the Session Management facility uses one of three
ways
to establish tracking of the session: cookies, URL rewriting, or Secure
Sockets
Layer (SSL) information.
Deprecated feature: Session tracking
using
the SSL ID is deprecated in WebSphere® Application Server
version 7.0. You can
configure session tracking to use cookies or modify the application
to use
URL rewriting
depfeat
Assume the Session Management facility
uses cookies.
In such a case, the Session Management facility creates a unique session
ID
and typically sends it back to the browser as a cookie. Each
subsequent
request from this user (at the same browser) passes the cookie containing
the session ID, and the Session Management facility uses this ID to
find the
user's existing HttpSession object.
In Step
1 of the code sample, the Boolean(create) is set to true so
that
the HttpSession object is created if it does not already exist. (With
the
Servlet 2.3 API and later, the javax.servlet.http.HttpServletRequest.getSession()
method with no boolean defaults to true and creates a session
if
one does not already exist for this user.)
- Store and retrieve user-defined data in the
session.
After
a session is established, you can add and retrieve user-defined data
to the
session. The HttpSession object has methods similar to those in java.util.Dictionary
for adding, retrieving, and removing arbitrary Java objects.
In
Step 2 of the code
sample, the servlet reads an integer object from the HttpSession,
increments
it, and writes it back. You can use any name to identify values in
the HttpSession
object. The code sample uses the name sessiontest.counter.
Because
the HttpSession object is shared among servlets that the user might
access,
consider adopting a site-wide naming convention to avoid conflicts.
- (Optional) Output an HTML response page containing
data from the
HttpSession object.
- Provide feedback to the
user that an action has taken place during
the session. You may want to pass HTML code to the client browser
indicating
that an action has occurred. For example, in step 3 of
the code
sample, the servlet generates a web page that is returned to the user
and
displays the value of the sessiontest.counter each time the user visits
that
web page during the session.
- (Optional) Notify
Listeners. Objects stored in
a session that implement the javax.servlet.http.HttpSessionBindingListener
interface are notified when the session is preparing to end and become
invalidated.
This notice enables you to perform post-session processing, including
permanently
saving the data changes made during the session to a database.
- End the session. You can end a session:
- Automatically with the Session Management facility
if a session is inactive
for a specified time. The administrators provide a way to specify
the amount
of time after which to invalidate a session.
- By coding the
servlet to call the invalidate() method on the session object.
Example
import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class SessionSample extends HttpServlet {
public void doGet (HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// Step 1: Get the Session object
boolean create = true;
HttpSession session = request.getSession(create);
// Step 2: Get the session data value
Integer ival = (Integer)
session.getAttribute ("sessiontest.counter");
if (ival == null) ival = new Integer (1);
else ival = new Integer (ival.intValue () + 1);
session.setAttribute ("sessiontest.counter", ival);
// Step 3: Output the page
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("<html>");
out.println("<head><title>Session Tracking Test</title></head>");
out.println("<body>");
out.println("<h1>Session Tracking Test</h1>");
out.println ("You have hit this page " + ival + " times" + "<br>");
out.println ("Your " + request.getHeader("Cookie"));
out.println("</body></html>");
}
}