skip to content »

Invalidating a session in jsp

invalidating a session in jsp-46

Now my question is whether session object exists after timeout and therfore I don't get null in first case.But when timeout is over, attributes set in session are removed automatically and I get null in second case.

invalidating a session in jsp-75invalidating a session in jsp-68invalidating a session in jsp-58invalidating a session in jsp-21

It would interesting if someone could share an example where he had to !In web-apps that require login, the user name is normally used.If your app doesn't require login, use any other object.And no, you are not using the same session object after a timeout.Kind Regards, Jakob Jenkov Http Session get Session(boolean create)Returns the current Http Session associated with this request or, if there is no current session and create is true, returns a new session.There are four techniques which can be used to identify a user session.a) Cookiesb) Hidden Fieldsc) URL Rewritingd) Session Object With Cookies , Hidden Fields and URL rewriting approaches, client always sends a unique identifier with each request and server determines the user session based on that unique identifier where as session tracking approach using Session Object uses the other three techniques internally.

Cookie is a key value pair of information, sent by the server to the browser and then browser sends back this identifier to the server with every request there on.

if(Session()Attribute("user") == null) or if(Session()Attribute("initialized") == null) That should take care of the problem :-) Kind Regards, Jakob Jenkov didn't read your message correctly before.

Some answers: 1) The servlet container makes sure there is always a session object present.

Seems that the session object relies on server for its GC.

What happens when session.invalidate() is called: Both attributes and session object are destroyed immediately??? In fact it is the servlet container that creates the session object.

ladder racks for trucks cheap Cheers, AT Session Invalidate() method removes the attributes bind into the session object as well as the session objects also dies where as the Session(false) will return the existing session only, if its not shows null means the session is already existing will be meant.