Hi! Very basic question. I have a portal containing several servlets, one of which takes care of logging in (but only as an admin). How do I use HttpSessions between Servlets to know if the admin is signed in?
Thanks in advance!
+2
A:
set an attribute in session
session.setAttribute("isAdmin",true OR false);
At the login time decide the user type and set it.
org.life.java
2010-10-28 16:10:12
Thanks! This solved it!
Whirlwin
2010-10-28 19:28:34
+2
A:
Whenever your admin users signs in put something like session.setAttribute("admin","true");
check this as session.getAttribute("admin") to see if admin is logged in
sushil bharwani
2010-10-28 16:11:11
A:
I'd store the complete user object in the session.
http://download.oracle.com/javaee/1.3/api/javax/servlet/http/HttpServletRequest.html#getSession()
You can gain access to the session through this method. If you store the whole user in the session (or the user-id from your database), you can implement a more refined, role-based access later on as your application grows.
greetings
chzbrgla
2010-10-28 16:27:20
That's not generally a good idea as you'll have to make sure the object remains in sync with what's in the DB yourself. Usually one is better off just storing the id in the session and retrieving it as needed. A straight primary key query will hit the cache and not load the DB, and the cache should be integrated with the persistence framework to ensure the returned object is up to date.
pansapien
2010-10-28 16:34:28
Not to mention it's more data to push between nodes if you're in a clustered configuration.
pansapien
2010-10-28 16:36:00
yeah i meant to say he should store the user as a whole object, referenced by the id .. couldn't quite express myself there :D
chzbrgla
2010-10-28 16:52:45