Is it possible to configure two separate web apps (WAR) in a J2EE application (EAR) to access a shared session context? Further info: I ended up creating a shared class from the EAR which stored the required information in static members. This did the trick, even if it seemed like a dirty hack. ...
I want to invalidate sessions of users based on some Event. I store their sessionID, how to get their HttpSession from this ID? The HttpSessionContext class is deprecated with no replacement. ...
Hi i have a jsf application in which i have three frames,one for the header,one for side navigation and the other is the mainframe.I have built this in the spring framework. I have a problem that when the HttpSession object gets timed out the apllication gets forwarded to the Login page(which is correct,and is the starting page of the a...
What's the best way of storing session related data of a user (like, for example a log of recent actions a user has done) in a Spring MVC (2.5) web application ? Using the classic javax.servlet.http.HttpSession or by specifying scope="session" in controller beans, and storing the data in a session object ? ...
As a result of a penetration test against some of our products in the pipeline, what looked to be at the time an 'easy' problem to fix is turning out to be a toughy. Not that it should of course, I mean why would just generating a brand new session for the current HTTPContext be so difficult? Bizarre! Anyway- I've written a cheeky litt...
Is there a clean and easy way to measure it other than programatically measuring the size of each data type (that each object is composed of) stored in session? ...
Hello. I have a web application that uses DWR reverse Ajax (pollAndCometEnabled set to true) In my web.xml i have set a timeout of 30 minutes for the HttpSession. Since DWR polls the server, the http session is always active and the result is that it never expires, even if the user's interaction is inactive for over 30 minutes. Does anyo...
I have saved an ArrayList to the session object. I am trying to retrieve it using sriList = session.getAttribute("scannedMatches"); I am getting the compile time error "Cannot convert from Object to ArrayList". How can I get my ArrayList back from the session object. ...
I just finished taking a final exam on web applications. Capping off what had been a rather easy (albeit lengthy - 12 pages) exam was a question asking us to code an implementation of sessions, similar to that done by javax.http.HttpSession. I hate to admit, it stumped me. I cranked out a rather BS implemetation using a HashMap and did...
EDIT: (UPDATED) Maybe my question was not clear enough. Ok, lets put it this way: $arr["a"] = 10; var_dump($arr); $arr["b"] =& $arr["a"]; var_dump($arr); the first var_dump returns: array 'a' => int 10 While the second one returns: array 'a' => &int 10 'b' => &int 10 If I unset($arr["a"]) it will return: array 'b' => ...
Is it possible to derive the preferred language from a httpsession object (javax.servlet.http.HttpSession) ? It is possible to get it from the servletrequest but I dont have that. Thanks for any ideas. Sven ...
My code is doing the following (just as an example, and the reason that I specify package path to java.lang.ref.SoftReference is to note that it's not my own implementaiton :-): ... List<String> someData = new ArrayList<String>(); someData.add("Value1"); someData.add("Value2"); ... java.lang.ref.SoftReference softRef = new SoftReference...
What technique should we use to make the httpsession object not loaded heavily with data. Example : Request 1 ---- > httpSession loaded with an arraylist of 50,000 different objects. session.setAttribute("data",arraylist); Request 2 ---- > httpSession loaded with an arraylist of 40,000 different objects. session.setAttribute("dat...
I'm currently in a need of getting session ID thus I need to get the HttpSession but I don't have any servlets in my EJB module. So perhaps some DI annotation like in webservices api? ...
Hi, I am working on struts,i want to know how to handle session using org.apache.struts.action.RequestProcessor ? Where in have to check the existence of session throughout the app ? ...
I wrote the following extension methods for Session so that I can persist and retrieve objects by their type. This works well for my solution, but I ended up having to duplicate my extension methods to cover the old HttpSessionState and the new HttpSessionStateBase. I'd like to find a way to get these back down to one set that covers bot...
I want to get Java HttpSession by JSESSIONID. Is it possible? If yes, how? ...
I am using an embedded Jetty implementation as my servlet container. Here is a small config snippet: WebAppContext context = new WebAppContext(warUrlString, "/"); SessionHandler sessionHandler = new SessionHandler(); SessionManager sessionManager = new HashSessionManager(); // in seconds, low for testing sessionManager.setMaxInactiveI...
I have a dynamic web application in JEE with JSF, Facelets, Richfaces. My pages are all xhtml pages. So JSTL isn't working in it. For my account pages and all other private pages to be reachable, I want to test if the user got connected, so if the attribute session in HttpSession is not null. If it's null, the user gets redirected in th...
Hi all, I've always taken for granted the JSESSIONID cookie created for every fresh request for a given client when developing applications using the servlet specification. But after giving it a bit of thought, isn't is more logical for the servlet container to create a cookie header only after the session has been requested and created...