Arun Thomas wrote:
> Hello all,
>
> I've noticed in some of the tutorial that I've read, as well as in several
> of the posts here that
> people often use session.getId() when creating a key for attributes to be
> added to the
> HttpSession. Is there a need to do this? Is it dangerous to use a
> hardcoded string as a key?
>
I would word things a little differently ... I cannot see any reason to care what
my own session ID is, unless I'm writing some sort of specialized proxy or
applet-servlet communications function. I want the values stored in my session to
have mnemonic names, which (in the JSP case) are also what you use for the "id"
attribute in <jsp:useBean id="xxx" scope="session"/>.
> The only reason I can think to do this is to differentiate between values
> stored by different sessions.
> This suggests that all values stored by different sessions are in the same
> space, with the possibility of
> retrieving an incorrect value if something is not done to uniquely identify
> which values are associated
> with each session. Is this the case?
>
No, it is not -- there is a separate space for user data objects per session.
Think of an HttpSession as a Hashtable (for the user data objects) plus a bunch of
other properties and you will get the right picture. There is one HttpSession
instance (well, it's really an instance of the servlet container's implementation
class, but that's not relevant from the programmer's viewpoint) for each session in
existence.
>
> Thanks for any help you can provide....
> -AMT
>
Craig McClanahan
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
