JSP and JSTL Tutorials - Herong's Tutorial Notes
Dr. Herong Yang, Version 3.09, 2006

JSP Sessions and Debugging

Part:   1  2  3  4 

JSP/JSTL Tutorials - Herong's Tutorial Notes © Dr. Herong Yang

Using Cookies

Using JavaBean Classes

HTTP Response Header Lines

Non ASCII Characters

JSTL and Expression Language

File Upload

Execution Context

JSP Elements

JSP Standard Tag Libraries (JSTL)

JSP Custom Tag

... Table of Contents

This chapter describes:

  • What is a session, and how a JSP server uses cookies to pass an IDs to the browser to link multiple HTTP requests together as a session.
  • What is the session object, and what functions are available on the session object.
  • A sample application to show you how to pass data between JSP pages.
  • How Perl tools can be used to help debug JSP applications at the HTTP communication level.

What Is a Session?

session: A concept to represent a series of HTTP requests and responses exchanged between a specific Web browser and a specific Web server, see the following diagram: 

           Server                Browser
ID created  | <-- Request #1  --- |
            | --- Response #1 --> | ID kept as cookie
            | <-- Request #2  --- | ID send back to server
            | --- Response #2 --> |
            | <-- Request #3  --- | ID send back to server
            | --- Response #3 --> |
            |     ......          |

The session concept is managed by the server. When the first request comes from a browser on a new host, the server makes the beginning of a new session, and assigns a new session ID. The session ID will be then send to the browser as cookie. The browser will remember this ID, and send the ID back to the server in the subsequent requests. When the server receives a request with session ID in them, it knows this is a continuation of an existing session.

When the server receives a request from a browser on a new host (request without a session ID), the server not only creates a new session ID, it also creates a new session object associated with the session ID. See the next section for details.

If there is no subsequent request coming back for a long time for a particular session ID, that session will be timed out. After the session has been timed out, if the browser comes back again with the associated session ID, the server will give an invalid session error.

The "session" Object

session: A object provided by the JSP server to hold information and methods common to all JSP pages running under one session. The session object must be an instance of a class that implements the javax.servlet.http.HttpSession interface defined by the J2EE specification. Here is the highlights of the HttpSession interface defined in J2EE 1.3:

  • getAttribute(): Returns the object that is associated to the specified key string. defined in the session.
  • getAttributeNames(): Returns an Enumeration object that contains all the key strings defined in the session.
  • getCreationTime(): Returns the time when this session was created, measured in milliseconds since midnight January 1, 1970 GMT.
  • getId(): Returns the session ID as a string.
  • getLastAccessedTime(): Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT.
  • getMaxInactiveInterval(): Returns the maximum time interval, in seconds, that the servlet container will keep this session open between client accesses.
  • removeAttribute(): Removes the object associated with the specified key string from this session.
  • setAttribute(): Associate an object with the specified key string and store them to this session.
  • setMaxInactiveInterval(): Specifies the time, in seconds, between client requests before the servlet container will invalidate this session.

(Continued on next part...)

Part:   1  2  3  4 

Dr. Herong Yang, updated in 2006
JSP and JSTL Tutorials - Herong's Tutorial Notes - JSP Sessions and Debugging