Three ways a session can die:-
a. If time out
b. You call invalidate() on the session object
c. The application goes down(crashes or is underplayed)
Configure a timeout in the DD has virtually the same effect as calling setMaxInactiveInterval() on every session that’s created.
<web-app>
<servlet>
</servlet>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
</web-app>
session.setMaxInactiveInterval(seconds);
session.invalidate():-
end the session. This includes unbinding all session attributes currently stored in this session.
Some points:
One problem how does the Container know who the client is?
The client needs a unique session id-on the client first request, the container generates a unique session ID and gives it back to the client with the response. The client sends back the session ID with each subsequent request.
How do the client and container exchange Session id info?
The simplest and most common way to exchange the info is through cookies.
URL Rewriting will happen automatically if cookies don’t work with client, but you have to explicitly encode all of the URLs you write.
To encode a URL, call response.encodeURL(a String)
URL rewriting works with sendRedirect()-there are a special URL encoding method just forthat:
Response.encodeRedirectURL(“/test.do”);
a. If time out
b. You call invalidate() on the session object
c. The application goes down(crashes or is underplayed)
Configure a timeout in the DD has virtually the same effect as calling setMaxInactiveInterval() on every session that’s created.
<web-app>
<servlet>
</servlet>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
</web-app>
session.setMaxInactiveInterval(seconds);
session.invalidate():-
end the session. This includes unbinding all session attributes currently stored in this session.
Some points:
One problem how does the Container know who the client is?
The client needs a unique session id-on the client first request, the container generates a unique session ID and gives it back to the client with the response. The client sends back the session ID with each subsequent request.
How do the client and container exchange Session id info?
The simplest and most common way to exchange the info is through cookies.
URL Rewriting will happen automatically if cookies don’t work with client, but you have to explicitly encode all of the URLs you write.
To encode a URL, call response.encodeURL(a String)
URL rewriting works with sendRedirect()-there are a special URL encoding method just forthat:
Response.encodeRedirectURL(“/test.do”);
No comments:
Post a Comment