Prentice Hall and Sun Microsystems. Personal use only; do not redistribute.


206


Chapter 9 Session Tracking


Terminating Sessions


Sessions will automatically become inactive when the amount of time


between client accesses exceeds the interval specified by 


getMax 


InactiveInterval


. When this happens, any objects bound to the 


Http 


Session


 object automatically get unbound. When this happens, your


attached objects will automatically be notified if they implement the


HttpSessionBindingListener


 interface.


Rather than waiting for sessions to time out, you can explicitly deactivate a


session through the use of the session's 


invalidate


 method.


Encoding URLs Sent to the Client


If you are using URL rewriting for session tracking and you send a URL that


references your site to the client, you need to explicitly add on the session


data. Since the servlet will automatically switch to URL rewriting when cook 


ies aren't supported by the client, you should routinely encode all URLs that


reference your site. There are two possible places you might use URLs that


refer to your own site. The first is when the URLs are embedded in the Web


page that the servlet generates. These URLs should be passed through the


encodeURL


 method of 


HttpServletResponse


. The method will determine


if URL rewriting is currently in use and append the session information only


if necessary. The URL is returned unchanged otherwise. 


Here's an example:


String originalURL = someRelativeOrAbsoluteURL;


String encodedURL = response.encodeURL(originalURL);


out.println("...");


The second place you might use a URL that refers to your own site is in a


sendRedirect


 call (i.e., placed into the 


Location


 response header). In this


second situation, there are different rules for determining if session informa 


tion needs to be attached, so you cannot use 


encodeURL


. Fortunately, 


Http 


ServletResponse


 supplies an 


encodeRedirectURL


 method to handle that


case. Here's an example:


String originalURL = someURL; // Relative URL OK in version 2.2


String encodedURL = response.encodeRedirectURL(originalURL);


response.sendRedirect(encodedURL);


Since you often don't know if your servlet will later become part of a series


of pages that use session tracking, it is good practice for servlets to plan ahead


and encode URLs that reference their site.


Second edition of this book: www.coreservlets.com; Sequel: www.moreservlets.com.


Servlet and JSP training courses by book's author: courses.coreservlets.com.








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      jsp web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Jsp Web Hosting
Cheapest Web Hosting


Visionwebhosting.net Business web hosting division of Web 
Design Plus. All rights reserved