httpsession

Access session of another web application

Is it possible to configure two separate web apps (WAR) in a J2EE application (EAR) to access a shared session context? Further info: I ended up creating a shared class from the EAR which stored the required information in static members. This did the trick, even if it seemed like a dirty hack. ...

How to obtain an HttpSession Object from SessionID?

I want to invalidate sessions of users based on some Event. I store their sessionID, how to get their HttpSession from this ID? The HttpSessionContext class is deprecated with no replacement. ...

HttpSession timeout

Hi i have a jsf application in which i have three frames,one for the header,one for side navigation and the other is the mainframe.I have built this in the spring framework. I have a problem that when the HttpSession object gets timed out the apllication gets forwarded to the Login page(which is correct,and is the starting page of the a...

How to store session in Spring MVC

What's the best way of storing session related data of a user (like, for example a log of recent actions a user has done) in a Spring MVC (2.5) web application ? Using the classic javax.servlet.http.HttpSession or by specifying scope="session" in controller beans, and storing the data in a session object ? ...

Generating a new ASP.NET session in the current HTTPContext

As a result of a penetration test against some of our products in the pipeline, what looked to be at the time an 'easy' problem to fix is turning out to be a toughy. Not that it should of course, I mean why would just generating a brand new session for the current HTTPContext be so difficult? Bizarre! Anyway- I've written a cheeky litt...

Measuring the Size of HttpSession object

Is there a clean and easy way to measure it other than programatically measuring the size of each data type (that each object is composed of) stored in session? ...

httpsession doesn't expires when reverse Ajax is enabled

Hello. I have a web application that uses DWR reverse Ajax (pollAndCometEnabled set to true) In my web.xml i have set a timeout of 30 minutes for the HttpSession. Since DWR polls the server, the http session is always active and the result is that it never expires, even if the user's interaction is inactive for over 30 minutes. Does anyo...

Getting cannot convert object to ArrayList error when retrieving ArrayList from HttpSession

I have saved an ArrayList to the session object. I am trying to retrieve it using sriList = session.getAttribute("scannedMatches"); I am getting the compile time error "Cannot convert from Object to ArrayList". How can I get my ArrayList back from the session object. ...

How is HttpSession implemented?

I just finished taking a final exam on web applications. Capping off what had been a rather easy (albeit lengthy - 12 pages) exam was a question asking us to code an implementation of sessions, similar to that done by javax.http.HttpSession. I hate to admit, it stumped me. I cranked out a rather BS implemetation using a HashMap and did...

PHP's real SESSION object

EDIT: (UPDATED) Maybe my question was not clear enough. Ok, lets put it this way: $arr["a"] = 10; var_dump($arr); $arr["b"] =& $arr["a"]; var_dump($arr); the first var_dump returns: array 'a' => int 10 While the second one returns: array 'a' => &int 10 'b' => &int 10 If I unset($arr["a"]) it will return: array 'b' => ...

Retrieve browser locale from httpsession ?

Is it possible to derive the preferred language from a httpsession object (javax.servlet.http.HttpSession) ? It is possible to get it from the servletrequest but I dont have that. Thanks for any ideas. Sven ...

Java: any problems/negative sides of keeping SoftReference to ArrayList in HttpSession?

My code is doing the following (just as an example, and the reason that I specify package path to java.lang.ref.SoftReference is to note that it's not my own implementaiton :-): ... List<String> someData = new ArrayList<String>(); someData.add("Value1"); someData.add("Value2"); ... java.lang.ref.SoftReference softRef = new SoftReference...

Amount of data stored in session

What technique should we use to make the httpsession object not loaded heavily with data. Example : Request 1 ---- > httpSession loaded with an arraylist of 50,000 different objects. session.setAttribute("data",arraylist); Request 2 ---- > httpSession loaded with an arraylist of 40,000 different objects. session.setAttribute("dat...

Is there a way to access HttpSession from EJB module?

I'm currently in a need of getting session ID thus I need to get the HttpSession but I don't have any servlets in my EJB module. So perhaps some DI annotation like in webservices api? ...

How Handle session using requestProcessor

Hi, I am working on struts,i want to know how to handle session using org.apache.struts.action.RequestProcessor ? Where in have to check the existence of session throughout the app ? ...

How can I write extensions for Session without having to write separate methods for HttpSessionState and HttpSessionStateBase?

I wrote the following extension methods for Session so that I can persist and retrieve objects by their type. This works well for my solution, but I ended up having to duplicate my extension methods to cover the old HttpSessionState and the new HttpSessionStateBase. I'd like to find a way to get these back down to one set that covers bot...

How can i load Java HttpSession from JSESSIONID ?

I want to get Java HttpSession by JSESSIONID. Is it possible? If yes, how? ...

Will AJAX (XmlHttpRequests) prevent my Jetty managed HttpSession from expiring?

I am using an embedded Jetty implementation as my servlet container. Here is a small config snippet: WebAppContext context = new WebAppContext(warUrlString, "/"); SessionHandler sessionHandler = new SessionHandler(); SessionManager sessionManager = new HashSessionManager(); // in seconds, low for testing sessionManager.setMaxInactiveI...

Xhtml pages and HttpSession test , no jstl ?

I have a dynamic web application in JEE with JSF, Facelets, Richfaces. My pages are all xhtml pages. So JSTL isn't working in it. For my account pages and all other private pages to be reachable, I want to test if the user got connected, so if the attribute session in HttpSession is not null. If it's null, the user gets redirected in th...

A new HttpSession for each request?

Hi all, I've always taken for granted the JSESSIONID cookie created for every fresh request for a given client when developing applications using the servlet specification. But after giving it a bit of thought, isn't is more logical for the servlet container to create a cookie header only after the session has been requested and created...