Prentice Hall and Sun Microsystems. Personal use only; do not redistribute.
206
Chapter 9 Session Tracking
Terminating Sessions
Sessions will automatically become inactive when the amount of time
between client accesses exceeds the interval specified by 
getMax 
InactiveInterval
. When this happens, any objects bound to the 
Http 
Session
 object automatically get unbound. When this happens, your
attached objects will automatically be notified if they implement the
HttpSessionBindingListener
 interface.
Rather than waiting for sessions to time out, you can explicitly deactivate a
session through the use of the session's 
invalidate
 method.
Encoding URLs Sent to the Client
If you are using URL rewriting for session tracking and you send a URL that
references your site to the client, you need to explicitly add on the session
data. Since the servlet will automatically switch to URL rewriting when cook 
ies aren't supported by the client, you should routinely encode all URLs that
reference your site. There are two possible places you might use URLs that
refer to your own site. The first is when the URLs are embedded in the Web
page that the servlet generates. These URLs should be passed through the
encodeURL
 method of 
HttpServletResponse
. The method will determine
if URL rewriting is currently in use and append the session information only
if necessary. The URL is returned unchanged otherwise. 
Here's an example:
String originalURL = someRelativeOrAbsoluteURL;
String encodedURL = response.encodeURL(originalURL);
out.println("...");
The second place you might use a URL that refers to your own site is in a
sendRedirect
 call (i.e., placed into the 
Location
 response header). In this
second situation, there are different rules for determining if session informa 
tion needs to be attached, so you cannot use 
encodeURL
. Fortunately, 
Http 
ServletResponse
 supplies an 
encodeRedirectURL
 method to handle that
case. Here's an example:
String originalURL = someURL; // Relative URL OK in version 2.2
String encodedURL = response.encodeRedirectURL(originalURL);
response.sendRedirect(encodedURL);
Since you often don't know if your servlet will later become part of a series
of pages that use session tracking, it is good practice for servlets to plan ahead
and encode URLs that reference their site.
Second edition of this book: www.coreservlets.com; Sequel: www.moreservlets.com.
Servlet and JSP training courses by book's author: courses.coreservlets.com.






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

jsp web hosting

 

Our partners: PHP: Hypertext Preprocessor Best Web Hosting Java Web Hosting Jsp Web Hosting Cheapest Web Hosting

Visionwebhosting.net Business web hosting division of Web Design Plus. All rights reserved