Re: Own Session Management API

[Siros Supavita]

Title: RE: Own Session Management API

Hello,
        I think Nic's idea is Ok. But I saw that Nic used method
"getSession(String)" ... which belong to
"javax.servlet.http.HttpSessionContext" class. It's already deprecated right
now in Java Servlet 2.1. I'm not sure that this method work properly in all
Servlet Engine and this method will be remove in next release of Java
Servlet Specification. In my opinion, I think you should use method
"getSession(boolean)" in class "javax.servlet.http.HttpServletRequest" ...
It should work on all Servlet Engine that support Java Servlet 2.1

        public void service(HttpServletRequest req,HttpServletResponse resp)
{
                HttpSession session = req.getSession(true);
                if (session.isNew()) {
                // Session's just created (new)
                } else {
                // All your code
                }
                ........
        }
       
        I think this is effective way. I always use this style (I never
tried other). You don't have to worry how Servlet Engine handle this 'cos
it's Specification, all Servlet Engine have to implement this in some way. I
remember that in Java Developer Connection, there's an article about this,
in section Servlet. They said that Servlet Engine create Hashtable and store
session in this hashtable and store key to each client's session in client's
cookie. I saw that when I use HttpSession there is a cookie send back to
browser. But internally ... I think no one know how could it implement. It
depends on each implementor
       
Hope this help,

Siros

-----Original Message-----
From:   Nic Ferrier [SMTP:[EMAIL PROTECTED]]
Sent:   Thursday, October 21, 1999 5:26 PM
To:     [EMAIL PROTECTED]
Subject:        Re: Own Session Management API

>>> Palanisamy Easwaran <[EMAIL PROTECTED]> 10/21/99 10:54:49 AM >>>

> Is it possible to use this sort of API in
>all web servers without affecting
>their session implementation? (Do
>their servlet-engine allow me to do it?). I am
>very sure about the hitting issues due to this effort.

Servlet engines have access to the guts of the incomming request
before you do and work out the things that a servlet might want to
know, eg: is the request part of a session?




void service(HttpServletRequest req,HttpServletResponse resp)
{
    String seshid=req.getParameter("mysessionid");
    HttpSession sesh=MySessionManager.getSession(seshid);
    if(sesh==null)
    {  //no session
    }
    else
    .....
}