Servlets :: Disabling Cookies In Firefox Does Not Create Session
Mar 4, 2014
I'm experimenting the basic concepts of Servlet technology with my below simple setup.
I have a welcome.jsp defined under webContent in eclipse and my welcome.jsp looks like
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1" [b]session="false"[/b]%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
[Code] ....
Now I have few questions based on the above setup
1) As you see session="false" in jsp, and when I used scriptlet like <%= request.getSession(false) %>, I see "null" being printed but if I use pageContext.request.session.id, the session is not null. How does session = "false" influences scriptlets and implicit objects and why the behavior is different
2) If session really exists, even when session=false is used, when I disabled cookies in FireFox browser and click on "click Me" hyperlink, the control goes to Controller, but in the servlet, I see 'No Session Created" being displayed. Which means session was not created and probably because I used false is getSession(false). But if I enable cookies, with the same setup, I get Session ID = << some value>> being printed and this is same as the session what printed through pageContext.request.session.id in the jsp.
So when cookies disabled, how can pageContext.request.session.id actually printed session id , but not in servlet and when cookies enabled, the same session id is displayed in both cases.
My question is why there is no impact in jsp, when cookies are disabled.
View Replies
ADVERTISEMENT
Apr 1, 2014
How can i create a session when i loged in and how can i invalid it when i logout?
View Replies
View Related
Mar 19, 2015
I am trying to use three cookies in a servlet to store the background and foreground color and text size but my code is not working for some reason. When I run the servlet I get an IndexOutOfBounds exception and in my code is says my cookies are not ever used, when they should be to store the variables?
package httpServlets;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Date;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
[code]....
View Replies
View Related
Jun 3, 2014
I have a simple application ( only 2 JSPs files and one servlet the main components the whole webapp directory is attached ), I am using security constraint to redirect the user to HTTPS instead of HTTP when he submit from first page to the second page.
The problem is when the user submit the first page I get the error HTTP Status 405 - HTTP method GET is not supported by this URL although I m using only POST.
I have traced the firefox browser using httpfox and the result was the first HTTP request was done using POST correctly but after redirect the browser send GET.
This problem appears with FireFOx and IE but doesnot appear with google chrome.
index.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="myTags" tagdir="/WEB-INF/tags" %>
<html>
<head>
<title>Welcome Page</title>
<link href="css/style.css" type = "text/css" rel="stylesheet" />
[Code] ......
View Replies
View Related
Nov 5, 2014
I am using servlet 2.4 I used the ff. code below to set httponly in my application's cookies but it did not work. When I do a javascrip alert (document. cooke) in my page, the session id still shows up.
Cookie [] cookies = request.getCookies();
for(int x=0; x<cookies.length; x++){
Cookie cookie = (Cookie) cookies[x];
String cookieValue = cookie.getValue();
cookie.setValue(cookieValue + "; HttpOnly");
}
I also tried doing this and it wouldn't work too
String sessionid = request.getSession().getId();
response.setHeader("SET-COOKIE", "JSESSIONID=" + sessionid + "; HttpOnly");
by the way I am using an application server with its JAVA EE version = 1.4 and JAVA SE version = 5
View Replies
View Related
Jun 4, 2014
Can I access the session object even session has been expired? I need to check whether session is expired or not for each request.The session invalidation is set null the session object. What I concluded, session time out I can access session object but session invalidation I can not access session object. How can I find the session time out by using session object?
View Replies
View Related
Jul 8, 2014
I am developing a e-commerce college project, here i add the items in the cart(a div tag in the jsp page) via servlet by creating sessions,
flow control: shopping jsp (when user wants to add an item in the cart) --> item servlet (which is used to create session and synchronized it) --> cart servlet(which is used to add items in the arraylist and show them in the shopping.jsp's div tag + it also sets the total purchase amount in the session variable "totalpurchase")
now after that user wants to proceed to checkout, here i use the onclick event to check the minimumshopping amount must be less than the totalpurchase (totalpurchase which i had setted in the session),but my jsp page is unable to rechognise the updated value of the totalpurchase, yes, if i reload the page, it rechognises the new updated value of the totalpurchase? but i want it to rechognise the updated total purchase value, without reloading he jsp page..
View Replies
View Related
Apr 16, 2014
I'm trying to go back to basic and strengthen some of my foundation. I'm wondering what kind of data would be appropriate to be stored inside a session? My app is a web app where all the users are the employee of a company. So it's an web-based app that keeps track of stock movements, purchasing and sales order (standard distributor company). The web app interacts strictly with employees, so no public facing app (yes, that's right, no shopping cart). So, in this kind of web app, what kind of data that by storing it to session.
View Replies
View Related
May 18, 2014
We have this website that is run on two web applications. The first web application hosts the home page and clicking certain links in the home page would forward it to pages of the second web application where certain functionalities can be done. Now, there has been an initiative to redesign the site to have a login page and only logged in users could browse it. This would mean a login page being created in the first app, and when links to the second application are clicked, the pages are supposed to forward to it with the same session of the user that logged in.
We have already creating handling to pass the session from the first app to the second. Logging out from the first application would also invalidate the same user session in the second application. My questions is, is this a bad idea? would it be better to combine the two apps even if it would mean a huge impact?
or is there are better way to do this? like set it in web.xml. I have read that you cannot use two context for it.
View Replies
View Related
Jan 11, 2015
I am getting following exception.
Jan 11, 2015 10:08:23 PM org.apache.catalina.session.StandardSession writeObject
WARNING: Cannot serialize session attribute cart for session 2F9FF7A5ABC3620BD5B3BC0C4D46C558
java.io.NotSerializableException: org.apache.tomcat.jdbc.pool.DisposableConnectionFacade
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1183)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1547)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1508)
[Code] .....
View Replies
View Related
Jul 22, 2014
I've sample code of jsp and servlets. Below is my code.
Index.html
<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<form action="AnnotationServlet">
[code]....
Now I want to store those username and age(in .html) somewhere and I want those information in welcome.jsp. Now, I'm storing all those in session itself(In doGet method(servlet)).
2 Doubt) Also, when I get the session in servlet HttpSession session = request.getSession(); line No. 27. The session value is org. apache. catalina. session. StandardSessionFacade@69a8bf4f...I'm expecting that session is to be empty. Because, I dint store anything until that line.
View Replies
View Related
Feb 5, 2015
Why is it that objects stored in session object should be serializable?
View Replies
View Related
Oct 17, 2014
My application uses Struts and IBM Web application Server. I have a question regarding session management. I have a variable stored in session scope, i.e. the name of the client. it is a intranet application. Now whenever the user leaves the browser screen for a long time, the session times out and losses the name of the client.
How to restore the variable after the client comes back and starts using the browser and refreshes the screen and starts using the application. I want just the browser to remember the session variable i.e. "name" of the client.
View Replies
View Related
May 21, 2014
Session attributes after logging into web-app:
Session Attributes
thisUsersAllowedRoles=45
username=hw
authenticatedUser=org.hw.client.payroll.model.User@2c8a09da
supervisorCode=
authenticated=true
[Code] ....
Every now and then while debugging I lose session attributes:
Session Attributes
thisUsersAllowedRoles=45
username=hw
supervisorCode=
authenticated=true
[Code] ....
The authenticatedUser and menu attributes are gone. I never know when it's going to happen so I can't trace it. Any guesses why those type session objects would die?
I attached an image of what menu object looks like.
View Replies
View Related
Mar 10, 2015
Any brief introduction about session in java....
View Replies
View Related
May 9, 2014
in my web.xml my session time out is working but not fully working in my ui i use tiles , i have 5 clickable side panels i try to set timeout for 1 minute or 10 minutes for testing after the time is timeout this what happen working refresh the page after time out = working ,directed me into log in page which is correct.i have 5 clickable side panel in my page after timeout when i click the first 2 in side panel tabs it directed me into log in page which is also correct not working after the timeout when i navigate the page i click the other 3 side panels i can still navigate into the page but when i click the first 2 side panel it directed to log in page w/c is correct but can still navigate the page the other 3 side panels
issue : my session timeout is not fully working on my page.
<session-config>
<session-timeout>10</session-timeout>
</session-config>
View Replies
View Related
Oct 17, 2014
why my session not type casting into String? I'm placing that code below where problem arised.
HttpSession hs1=request.getSession(false);
out.println("hi");
String t1=(String)hs1.getAttribute("name");
out.println("hi "+t1);
in my above code first "hi" is printed successfully but next statement arises type cast exception.
View Replies
View Related
Mar 18, 2014
I have a question about how to check for a session as the user goes through different pages. I am using Java beans and EL to pass data from page to page but I cannot figure out how to check for a session on the pages without the use of a scriptlet with an if else statement in it.
I do not want the user to be able to access any pages unless they are logged in. With a scriptlet, I can create a statement that says if session exists show name else redirect to login page.
From what I have read and what some of the wonderful members here have told me, scriptlets are a big no no these days. So, how do I do these without the use of a scriptlet?
View Replies
View Related
Dec 29, 2014
Being new to java I am a bit lost as to why my session attribute for this banking app wont add the deposits to the session var... it just keeps going back to the amount I set it to originally - so if I set the beginning balance to 3000 then deposit 100 it becomes 3100, but if I then try deposit another amount eg. a extra 200 it becomes 3200 not 3300 like it should be !!
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
import java.net.*;
import java.text.DecimalFormat;
public class SessionBank extends HttpServlet
[Code] .....
View Replies
View Related
Jun 20, 2014
My application has two Application servers, App1 and App2..
We are using weblogic 8.1 Application server
There is session replication done in weblogic.xml file .
<session-descriptor>
<session-param>
<param-name>InvalidationIntervalSecs</param-name>
<param-value>1</param-value>
[Code] ....
The application works fine but currently there is data getting replicated among different users. Is it the problem of session data getting merged with other session data or is it server cache not getting cleared or is there any setting to be changed in weblogic application server??
View Replies
View Related
Jul 28, 2014
What is the difference between JSESSION ID and Session?I red THIS blog, I got the explanation but I'm actually confused about JSESSION ID and Session.. In that blog, they told about JSESSION ID cookie. then What is the difference between JSESSION ID and Cookie?
View Replies
View Related
Jul 6, 2014
I have a EAR enterprise project with EJB and Web module.EJB module has a SongTokenImpl stateless session bean with @Stateless and @Webservice annotation.Web module has SongServlet.java and success jsp.
SongServlet has dependency injection to SongTokenImpl.
@EJB
TicketMaster songMaster;
@EJB
ShoppingCart shoppingCart;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String songName = request.getParameter("songname");
Token token = tokentMaster.bookToken(new Song(songName));
System.out.println("we got song token for song "+token.getSongName());
[code]....
we got song token for song xyzInstead i see below error.SongServlet threw exception: java.lang.IllegalStateException: Cannot create a session after the response has been committed/
View Replies
View Related
Dec 14, 2014
My dynamic web project has a java class that captures a session variable with the following code.
HttpSession LoginSession = request.getSession();
String VAR = LoginSession.getAttribute("myVar").toString(); //This is the row 127
If i test the app in local (Mac + Java 1.8 + Tomcat 8) all works. In my remote cloud server (Ubuntu 14.10 + Java 1.8 + Tomcat 8) all works, except this class, that has this code. I copy the complete error here. Note that the row 127 of the error message is the second row of the previous code; and, if i comment this row with // and assign a fix variable all works. So, the problem is that 127^ row.
14-Dec-2014 08:15:23.923 SEVERE [http-nio-8080-exec-14] org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [srvNavigation.SrvPT] in context with path [/myapp] threw exception
java.lang.NullPointerException
at srvNavigation.SrvPT.doGet(SrvPT.java:127)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:618)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
[Code] ....
How can i solve the problem?
View Replies
View Related
Jan 23, 2015
how it is decided which class will implement a session listener interface? Which class will implement HttpSessionListener? Which one will implement HttpSessionActivationListener, HttpSessionBindingListener or HttpSessionAttributeListener?
View Replies
View Related
May 21, 2014
i have file index.jsp , that approach to reguar java class and call function . in that function i want to get attribute from session like this :
List<Coupon> couponsList = (List<Coupon>)request.getSession().getAttribute("listOfCouponsThatNotExpired");
because this regular java class i get error message ,how to solve this ?
View Replies
View Related
Jan 4, 2015
I am adding my shopping cart in session like bellow in servlet
HttpSession session = request.getSession();
session.setMaxInactiveInterval(60*30); // 30 minutes
if (session.getAttribute("cart") == null){
session.setAttribute("cart", new ShoppingCart());
}
cart = session.getAttribute("cart");
I seems if more than one person accesses it from server, if they items in the shopping cart, all the product is added to a single session. I mean if i added 4 items first and other person adds 2 items, second person sees 6 products in his cart. Where am I going wrong?
View Replies
View Related