Thanks. I think I understand now. I had known that the only part of a
session
that was stored to the client as a cookie was the session_id and that the
rest of the information was stored in the JVM (presumably), so I figured
that
the session would remain valid for the lifetime of the JVM. I didn't
realize
that the session would be automatically invalidated whenever the customer
closed their browser. In fact, after experimenting, I found that the
browser
never actually writes the session_id to the cookies.txt file on the client
machine
which would explain why closing the browser invalidates the session.
I must say that I was slightly mislead by Jason Hunter's Session Tracking
Demo
because he prints "You've visited this page 12 times" to the screen. This
is
not Jason's fault since I clearly misunderstood what exactly constituted a
session, but perhaps "You've visited this page 12 times during this
session."
would have been better (for me).
In any case, I'm now wondering if there is a way to extend the lifetime of
a session. I really only want the session_id to be stored in the
cookies.txt file on the client machine for about a month. I stopped
using cookies and started using sessions because sessions seemed
much more elegant. I'm disappointed that I don't seem to have any
control whatsoever over the expiration date.
John
> -----Original Message-----
> From: Scott Neufeld [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, April 30, 1999 1:06 PM
> Subject: Re: problem with HttpSession
>
> Sessions are not cookies -- what you are storing in your Session is
> specific to
> an identifier stored as a cookie, but that is all that is stored as a
> cookie --
> an identifier that links a user to a Session object. This identifier
> exists for
> a Session only, and is not permanent, nor should it be considered
> permanent. You
> should use cookies to store the actual values, or persist the objects you
> are
> storing in your Session in some sort of database.
>
> "Lame, John" wrote:
>
> > I want to save a customers personal information (email, name, phone)
> > in an HttpSession object so that they don't have to type it in the
> > next time they come to my page ...
<snip>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
