It has nothing to do with different sessions. It has everything to do
with the fact that the PrintWriter is a member variable of the class.
> private PrintWriter out = null;
When two requests enter the servlet concurrently, each thread modifies
this variable.
> public void doPost(HttpServletRequest req, HttpServletResponse res)
> throws ServletException, IOException
> {
> System.out.println("Entered do post");
> String str_login_name = req.getParameter("login_name");
> String str_password = req.getParameter("password");
> out = res.getWriter();
After the second thread modifies this variable, where does the response
from the first thread go? Hint: both threads send the response to the
same browser.
The point about sessions is that there are some circumstances where
running multiple browsers on the same machine causes each browser to be
associated with the same session on the server. You claim that this is
not the case in your environment. Good. But that is not the case with
every environment, and one must be careful to avoid this when trying to
test concurrent requests to ensure that the sessions are correctly
associated with browsers. This issue could make it appear that the code
is broken, when its just a problem with two browsers sharing the same
session.
K Mukhar
Vijaya Bhaskar Varanasi wrote:
>
> Hi.
> Thanks all for your replies.
> I am not providing the same user name and password in all the browser
> windows. They are different.
>
> Also, I checked the session id in the login servlet, it is different for
> each request made by the browsers on the same m/c. Still I am getting all
> responses in a single browser!
>
> As sought, here is the code for you to take a look ---
>
> regards,
> bhaskar.
>
> CODE :
>
> public class loginServlet extends HttpServlet
> {
> private String user_name = null;
> private String email = null;
> private int user_type = 0;
> private PrintWriter out = null;
> private Connection myConnection = null;
> private ResultSet rs = null;
> Connector dbConnector;
> // Connector class initialises a pool of 3 connections and allots connection
> upon request from // any other servlet, and also revokes the connection
> when passed to it by other classes.
> public void init(ServletConfig sc) throws ServletException
> {
> super.init(sc);
> System.out.println("Before instantiation of Connector class in init");
> try
> {
> dbConnector = new Connector("jdbc:odbc:loginDB");
> // Connector class constructor takes the db URL to connect
> }
> catch (IllegalArgumentException iae)
> {
> System.out.println("---------------------");
> System.out.println(iae.getMessage());
> System.out.println("Returned instance of Connector is :"+dbConnector);
> }
> } // end of init method
>
> public void doPost(HttpServletRequest req, HttpServletResponse res)
> throws ServletException, IOException
> {
> System.out.println("Entered do post");
> String str_login_name = req.getParameter("login_name");
> String str_password = req.getParameter("password");
> out = res.getWriter();
> res.setContentType("text/html");
> out.println("<html> <head> <title> Intranet - Library
> </title> </head> <body>");
> out.println("<P><FONT COLOR = \"green\">Hi
> <B>"+str_login_name+"</B>");
> out.println(" </FONT> </P>");
> out.flush();
> int validType =
> validatePassword(str_login_name,str_password);
> if(validType != -1)
> {
> HttpSession session = req.getSession(true);
> system.out.println("The session id is : "+session.getId());
> // only Objects are stored in the session. Primitive types are not stored.
> // Hence, java.lang.Integer.toString(user_type).
> session.putValue("user_name",user_name);
> String str_user_type =
> java.lang.Integer.toString(user_type);
> session.putValue("user_type",str_user_type);
> session.putValue("email",email);
> out.println("You are successfully logged into the
> site !");
> } // end of if block
> if(validType == 4) // to indicate guest status
> {
> HttpSession session = req.getSession(true);
> // only Objects are stored in the session. Primitive types are not stored.
> // Hence, java.lang.Integer.toString(user_type).
> session.putValue("user_name",user_name);
> String str_user_type =
> java.lang.Integer.toString(user_type);
> session.putValue("user_type",str_user_type);
> session.putValue("email",email);
> out.println("You are logged into the site as a GUEST
> as your password is not correct !");
> }
> // else do nothing
> // out.println("Pl. try again!.");
> } // end of doPost method
>
> private synchronized int validatePassword(String login, String
> password)
> {
> String login_name = login;
> String pwd = password;
> Connection allotedConnection = null;
> try
> {
> while(allotedConnection == null)
> {
> System.out.println("Inside validatePassword.. just before calling
> allotConnection ");
> allotedConnection =
> dbConnector.allotConnection();
> System.out.println("back in validatePassword and Alloted Connection
> is: "+allotedConnection);
> Statement st =
> allotedConnection.createStatement();
> String sqlQuery = "select
> emp_email,emp_type,emp_password from empInfo where emp_login_name =
> '"+login_name+"'";
> System.out.println("SQL Query is : "+sqlQuery);
> rs = st.executeQuery(sqlQuery);
> if(rs.next())
> // if at least a row is returned in the result set i.e. resultset is not
> empty, there is a record which matches given login_name
> {
> email = rs.getString(1);
> user_type = rs.getInt(2);
> String emp_password =
> rs.getString(3);
> System.out.println("email = "+email+" user type = "+user_type+" password =
> "+emp_password);
> // job of the connection is over. So, it can be returned to the pool !
>
> if (pwd.equals(emp_password))
> {
> System.out.println("password validated");
> user_name = login_name;
> }
> else
> user_type = 4; //
> indicating guest status !
> } // end of if block where result set is
> checked
> // if result set does not have any rows : just revoke connection.
> Thereafter, sequence is followed.
> else
> {
>
> dbConnector.revokeConnection(allotedConnection);
> out.println("<B> Login name does not
> exist! </B><BR>");
> user_type = -1; // to indicate to
> the caller that something is wrong
> }
>
> System.out.println("Just about to call revoke connection....");
> try
> {
>
> dbConnector.revokeConnection(allotedConnection);
> }
> catch (IllegalArgumentException iae)
> {
>
> System.out.println("---------------------");
>
> System.out.println(iae.getMessage());
> }
> } // end of while block where allotedConnection is
> tested for null value
> if(user_name == null && user_type != -1)
> {
> out.println("<B> Password is invalid !
> </B><BR>");
> user_type = -1; // to indicate to the
> caller that something is wrong
> }
> } // end of try block
> catch(SQLException sqle)
> {
> System.out.println("SQL Exception occured in
> validatePassword()"+ sqle.getMessage());
> sqle.printStackTrace();
> }
> return user_type;
> } // end of validatePassword method.
> } // end of loginServlet class
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
