GetSession()
hi to @ll,
while getSession is used like:
method (HttpServletRequest request,
HttpServletResponse response, ...)
HttpSession session = request.getSession();
iAS server responses:
java.lang.NoSuchMethodError: javax.servlet.http.HttpServletRequest: method getSession()Ljavax/servlet/http/HttpSession; not found
any idea?
thanks anyway,
marcos.
shaolinf wrote:
Hi Guys
How does the true or false in the getSession() attribute affect its state?[HttpServletRequest.getSession(boolean)|http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpServletRequest.html#getSession(boolean)]
Affects the state of what?
A method does not have a state.
If there already is a session - there is no state change.
If there is no session yet - a session is created if the argument is true.
Similar Messages
-
Null returned from request.getSession( true )
It is my understanding that when you call getSession on an instance of
HttpServletRequest with a parameter of true, it should return the existing
session (if there is one) or a new session. It should never return null.
Unfortunately, that is exactly what we are seeing. Has anybody else had a
similar problem? We've seen it three times at this point. It only seems to
happen after stress or extended usage of the WebLogic server (several days).
After null is returned, it is always returned until you restart the server.
We are running WebLogic 4.5.1 (service pack 2) with clustering and in-memory
replication of session data. We use jview (Microsoft's VM) on Windows NT
Server 4.0 (service pack 6).
Thanks,
Walter Bodwell
Evity, Inc.
Copied from the API:
getSession
public HttpSession getSession(boolean create)
Returns the current HttpSession associated with this request or, if
necessary, creates a new session for the request. Use true for create to
create a new session, or false to return the current HttpSession.
If create is false and the request has no valid HttpSession, this method
returns null.
To make sure the session is properly maintained, you must call this method
at least once before you write any output to the response. Newly created
sessions (that is, sessions for which HttpSession.isNew returns true) do not
have any application-specific state.
Parameters:
true - to create a new session for this request; false to return the current
session
Returns:
the HttpSession associated with this request or null if create is false and
the request has no valid session
getSession
public HttpSession getSession()
Returns the current session associated with this request, or if the request
does not have a session, creates one.
Returns:
the HttpSession associated with this request
Hope that helps,
-Andrew
Walter Bodwell <[email protected]> wrote in message
news:[email protected]...
> The spec itself is not very clearly written, but seems to imply that
> getSession( true ) only creates a session if there is not one already
> associated with the request:
>
> getSession
>
> Returns the current valid session associated with this request. If this
> method is called with no arguments, a session will be created for the
> request if there is not already a session associated with the request. If
> this method is called with a boolean argument, then the session will be
> created only if the argument is true.
>
> The API documentation is much more clear (the important words being if
> necessary):
>
> public abstract HttpSession getSession(boolean create)
>
> Gets the current valid session associated with this request, if create is
> false or, if necessary, creates a new session for the request, if create
is
> true.
>
> Walter
>
> Andrew Robinson <[email protected]> wrote in message
> news:[email protected]...
> > In 2.1 getSession(true) ALWAYS creates a new session, getSession(false)
> > returns the current session (or null).
> > With getSession(), it returns the existing session, or creates a new one
> if
> > there is not one. Check out the API, very important difference.
> >
> > -Andrew
> >
> >
> > Walter Bodwell <[email protected]> wrote in message
> > news:[email protected]...
> > > Doesn't getSession() just call getSession( true )? The descriptions
for
> > the
> > > two sound identical.
> > >
> > > Thanks,
> > > Walter
> > >
> > > Andrew Robinson <[email protected]> wrote in message
> > > news:[email protected]...
> > > > Try using getSession(), no arguments, it is in the 2.1 servlet spec
> > > >
> > > > Walter Bodwell <[email protected]> wrote in message
> > > > news:[email protected]...
> > > > > It is my understanding that when you call getSession on an
instance
> of
> > > > > HttpServletRequest with a parameter of true, it should return the
> > > existing
> > > > > session (if there is one) or a new session. It should never
return
> > > null.
> > > > > Unfortunately, that is exactly what we are seeing. Has anybody
else
> > had
> > > a
> > > > > similar problem? We've seen it three times at this point. It
only
> > > seems
> > > > to
> > > > > happen after stress or extended usage of the WebLogic server
> (several
> > > > days).
> > > > > After null is returned, it is always returned until you restart
the
> > > > server.
> > > > >
> > > > > We are running WebLogic 4.5.1 (service pack 2) with clustering and
> > > > in-memory
> > > > > replication of session data. We use jview (Microsoft's VM) on
> Windows
> > > NT
> > > > > Server 4.0 (service pack 6).
> > > > >
> > > > > Thanks,
> > > > > Walter Bodwell
> > > > > Evity, Inc.
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
-
Work around for deprecated getIds() and getSession()
Hi All,
As getIds() and getSession() methods of HTTPSessionContext are deprecated I need to know some work around for them. Can anyone please help me out ?
My problem is as follows -
My application has users who can have more than one login till a maximum number. After that maximum number is reached, if same user tries to make another login system will only allow him/her to make it after removing all of his/her previous logins. As a part of that, system should also delete all the sessions associated with those previous logins. Now the methods getIds() and getSession() being deprecated, I don't know how it can be done without going to some persistent data layer (like database).
I'm using WebSphere application server and the solution need to be applicable even for a clustered environment (i.e. I may need to put both of my web tier and application tier in a clustered environment).
Any help will be really appreciated.
Regards,
Souravi don't know about handling the multi tier issue but you can easily put an instance into the ServletContext that keeps track of the associations between users and sessions and can react accordingly.
robert -
Httprequest.getSession(false) creating a NEW Session
I am working on a web application which uses STRUTS. All the client requests are directed to loginaction class.
Any resource in the application, is accessed thru the action class.
Overview: In the action class, i am checking if there is any session associated with the new user using
session = request.getSession(false);
if (session != null) {
if (session.isNew()) {
logger.info("New Session Created [" + session.getId() + "]");
} else {
logger.info("Session EXIST'S ["+ session.getId()
+ "], Retreiving user from session");
}According to the Servlets 2.2 API:
public HttpSession getSession(boolean create) Returns the current HttpSession associated with this request or, if if there is no current session and create is true, returns a new session.
If create is false and the request has no valid HttpSession, this method returns null.
if (session.isNew()) ,
this if statement should return false and be skipped, as session = request.getSession(false);wont create a new session. When i parse the logs, I see the log statement, "New Session Created ". Which makes me wonder, that a new session is being created
Problem: When i debug, i see that container is creating a new session if the session doesnt exist. According to API mentioned above, it should not create a new session. It should return null.
Did anyone had a similar issue? While researching i found this article that using struts, the container creates a default session.
I found this article: http://www.theserverside.com/discussions/thread.tss?thread_id=21643
Environment: IDE:WSAD5.1, Appserver:Websphere, Browser:IE 6.0, Struts, JSP, JSTLHi,
We have two appliactions. Our application say B is uses authentication mechanism provided by say A.
So the user, is presented a login page by application A. Once they are authenticated, without the knowledge of user, its being forwarded to our application say B.
Once he is in our application, he can navigate in our application, say,
he goes from page1 to page2. page1 is the main page. Now browser caching is enabled. When he hits the back button to access page1, browser is sending a new request to our applicaiton insted of furnising form local cache( this is another issue). Even though a new request is sent, all the requests are routed thru a struts controller action class. Now in the action class, we check if its a new session or not.
request.getSession(false). Since the user is an old user, it shouldnt create any new session.
As per your suggestion, where should i put the directive in the jsp to not to create a default session?. In page1 which is the main page?.
How should i implemnt the session listener interface. Do u have any templates or code snippets?.
Any suggestions? -
ADF 10g:HttpServletRequest.getSession vs ExternalContext.getSession
Hi all,
I'm reviewing some code in our application and I would like to confirm my understanding of how to properly use session attributes on the view layer.
In my servlet doFilter method I get my session using:
HttpSession session = servletRequest.getSession(true);
I also came across this blog post:
http://andrejusb.blogspot.com/2012/01/how-to-access-session-scope-in-adf-bc.html
which calls getSession from FacesContext.getCurrentInstance().getExternalContext.getSession
http://docs.oracle.com/cd/E17802_01/j2ee/j2ee/javaserverfaces/1.2/docs/api/javax/faces/context/ExternalContext.html#getSession(boolean)
Am I correct in my understanding that according to the javadoc, the getExternalContext.getSession returns the same HttpSession object as in HttpServletRequest.getSession?
Many thanks
WesHi,
yes, this is correct
Frank -
LocalizedIllegalStateException: getSession was called outside of a valid co
I've encountered the error:
com.bea.wlw.netui.util.exception.LocalizedIllegalStateException: getSession was called outside of a valid context.
while executing a JSP page with the offending line:
<netui-data:repeater dataSource="{pageFlow.compositeVO.statusForms}">
PageFlow's getCompositeVO() method returns getSession().getAttribute("compositeVO"), which was cached in previous actions.
It seems illogical to me that the context is invalid for using getSession() while I'm within a JSP page.
Edited by chutan at 01/09/2007 9:18 AMSeems like a bug to me.
To reproduce:
Weblogic Workshop 8.1.4
<netui:label value="{pageFlow.someGetterThatUsesSession}"/>
<jsp:include page="test.jsp"/>
<netui:label value="{pageFlow.someGetterThatUsesSession}"/>
The tag before the jsp:include will work fine, while the one after jsp:include will throw LocalizedIllegalStateException
Edited by chutan at 01/09/2007 9:17 AM
Edited by chutan at 01/09/2007 11:53 AM -
GetSession() in new PageLifecycleContext (JDev 10.1.3)
I am converting some code to JDeveloper 10.1.3 production from 10.1.2 and I am unable to find an equivalent statement for this:
context..getHttpServletRequest().getSession().setAttribute("something", something);Can somebody please help me?Sorry for bothering everyone. I found it myself:
HttpSession session =((HttpServletRequest)context.getEnvironment().getRequest()).getSession();
session.setAttribute("something", something); -
Session problem: req.getSession(false) always attempt set a session cookie.
I am having a problem with getSession(false) method. For some reasone
when I do this:
doGet(.....){
HttpSession tmpsession = req.getSession(false);
RequestDispatcher dpatch =
this.getServletContext().getRequestDispatcher("/welcome.jsp");
dpatch.forward(req, res);
Even if tmpsession is null, my web browser tells me that the servlet is
trying to set a cookie. But the problem is that if I do accept the
cookie, next time I tried to access the same page, the servlet thinks
that there is already a session.
Has anyone seen this problem?
James Yuan Direct: 415-399-7274
Weblogic can be configured to automatically create a session. Check your properties file
for the value of weblogic.httpd.session.enable. If set to true, a session will be
automatically created for the user.
Guy
James Yuan <[email protected]> wrote:
> I am having a problem with getSession(false) method. For some reasone
> when I do this:
> doGet(.....){
> ...
> HttpSession tmpsession = req.getSession(false);
> .....
> ....
> RequestDispatcher dpatch =
> this.getServletContext().getRequestDispatcher("/welcome.jsp");
> dpatch.forward(req, res);
> }
> Even if tmpsession is null, my web browser tells me that the servlet is
> trying to set a cookie. But the problem is that if I do accept the
> cookie, next time I tried to access the same page, the servlet thinks
> that there is already a session.
> Has anyone seen this problem?
> --
> /-----------------------------------------\
> James Yuan Direct: 415-399-7274
-
GetSession and getCookies vs getWriter
Does one have to use the getSession and getCookies from the HttpServletRequest object before retrieving the Writer object from the HttpServletResponse's getWriter function? Or does the order not matter? Some books and online information provide conflicting information on the order of these. Thank You.
getCookies is for retrieving the cookies that are stored and getSession is for Http Session object. Both of them are not required to get a Writer object, which is used to write something to the screen.
Go thru a good JSP book and they will explain these more.
For a simple JSP, you dont need either getcookies or getsession.... -
SSO Exception : AM GetSession Info query Failed
Hi,
I've setup the following testing environment
a. AM 7.0 server in Internal Zone
b. Sun one Web server with Reverse Proxy plugin to AM Server in DMZ
c. Another SUN one Web with Policy Agent 2.2 in DMZ
I try to configure the policy agent to point AMserver on Web server with reverse proxy to AM 7.0 server. So that the AM 7.0 will be exposed in DMZ. I encounter error 500 after logging in with the ID and password. According to amagent log, exception occurs during the GetSession Info. It failed to retrieve the session ID for the agent login session. I did face the same problem if the agent config point directly to the AM server.
Appreciate if someone could share with me the possible cause of such exception.
Thank you.
-TGHi all,
> It could be deleted now, but I can't manage to do so. The result always is a NameNotFoundException
You might follow https://service.sap.com/sap/support/notes/1265538 - but without success (really, the content of the note - upgrade - is less than funny, and I just had the problem on SPS22).
But: In such a situation, what one can do is to delete the complete view (TicketKeystore). Before doing so, you might want to export the existing (working) cert/key to reimport them after recreating the whole view (by that, you don't have to recreate the SAPLogonTicketKeypair, which might be unwanted as you might have distributed them for SSO).
Hope it helps someone
Detlev -
HttpRequest.getSession(boolean create) is broken in WL 5.1
fix should be in sp6.
ISSUE 31384: Using request.getSession(false) when there is no current session was creating a new session.
"Ashish Gupta" <[email protected]> wrote:
>
>I am also getting the same problem.
><%@ page session="false" isthreadsafe="no" errorpage="error_page.jsp" %>
>HttpSession session = request.getSession(false);
>returns a valid session instead of 'null' both on WLS5.1 and WLS5.1 sp5 .
>I didn't see any reply from anyone at bea so am posting this. hope to see some acknowledgement and resolution.
>ashish
>
>
>"Ben Lindsey" <[email protected]> wrote:
>>Does anyone know if this issue has been resolved? I am currently using WLS
>>5.1 SP 5 and my JSP always creates a session even if session="false".
>>
>>Graham Johnson <[email protected]> wrote in message
>>news:[email protected]...
>>> The method
>>>
>>> public HttpRequest.getSession(boolean create)
>>>
>>> seems to be broken in WebLogic 5.1 (SP3). It works fine in 4.5.1.
>>>
>>> It appears to ignore the create flag an always creates and returns a
>>> session, instead of (from the JavaDoc):
>>>
>>> "If create is false and the request has no valid
>>> HttpSession, this method returns null."
>>>
>>>
>>> The following simple JSP illustrates the problem. Run it from a newly-
>>> opened browser and you'll get different results between 4.5.1 and 5.1:
>>>
>>> <%-- ================================================ --%>
>>> <%@ page session="false" %>
>>>
>>> <%= request.getSession(false) %>
>>> <%-- ================================================ --%>
>>>
>>> In 4.5.1 you'll get a blank page (because request.getSession(false)
>>> returns null). In 5.1 you'll get something like:
>>>
>>> weblogic.servlet.internal.session.MemorySession@45fde0
>>>
>>> meaning a session was created and attached to the request, when it
>>> shouldn't have been.
>>>
>>>
>>> --
>>> Graham K Johnson
>>> [email protected]
>>> Java Software Engineer
>>> Achieve Communications, Inc.
>>> Broomfield, CO
>>
>>
>
-
NoSuchMethodError: HttpServletRequest.getSession()
I've installed Oracle 8i AS on NT4. It comes with Apache JServ v1.0 - apparently complient with Servlet API v2.0 - and JVM v1.1.
I've checked Servlet API v2.0 on Sun's site and HttpServletRequest.getSession() is definitely there! So why do I get the following error in jserv.log?
[26/01/2001 14:33:36:453 GMT] java.lang.NoSuchMethodError: javax.servlet.http.HttpServletRequest: method getSession()Ljavax/servlet/http/HttpSession; not found
at org.apache.jserv.JServConnection.processRequest(JServConnection.java)
at org.apache.jserv.JServConnection.run(JServConnection.java)
at java.lang.Thread.run(Thread.java:479)
Thanks in advance for your help.
JMR
nullThe issue was with some HTTP port change and not with the above code.
-
ADFBindingFilter:getRequestedSessionId() and .getSession().getId() diffen
Hi all
To implement a security procedure we are extending ADFBindingFilter and overriding the doFilter() method.
We have one section of code that performs differently on our apps server compared to running on a local OC4J instance or using the embedded OC4J with JDeveloper.
The code is as follows.
String requestedWebSession = ((HTTPServletRequest) request).getRequestedSessionId();
String currentWebSession = ((HTTPServletRequest) request).getSession().getId();
Boolean sessionOK = currrentWebSession.equalsIgnoreCase(requestedSession);The code is used to partially determine whether the session requested is valid and works as expected in embedded OC4J with JDeveloper (10.1.3.3) and Standalone. Outputting requestedWebSession and currentWebSession to the console gives two identical session ids on embedded and standalone OC4J.
When we run the code on the apps server (10.1.3.3) and output the two variables, the session ids are for most part the same however the requestedWebSession consists of the same session id as held by currentWebSession, as well as another hex identifier appended on to the end. So the requestedWebSession is made up of a string that looks like the following:
“THE_SESSION_ID.SOME_OTHER_IDENTIFIER”.
This causes the String comparison to fail as it expects the requestedWebSession to be “THE_SESSION_ID”.
We have a workaround which ensures the entire currentWebSession string exists as part of requestedWebSession String (i.e. is a substring) but we need to ascertain whether this will potentially cause problems during upgrades etc.
The[b] only difference we can note is that on the application server, our applications are grouped together in an application group. In standalone and embedded this isn't the case.
Does anyone have any ideas as to why the other identifier is tagged on to the session?
Thanks in advance
KrisThe extra substring you refer to in the OracleAS environment is a small identifier that the mod_oc4j module within OHS tacks onto the jsessionid so it is aware of which server routed the previous request when it comes back next so it can be dispatched to the same instance in the optimistic case, or to another instance in the same group in the pessimistic case.
I suspect you could substring the jsessionid and trim off the trailing data safely. I had some code at one point to detect if the request was being handled on the OC4J AJP listener, so you could logic to determine if you needed to do it based on if the request was coming via OHS/mod_oc4j. I'm just about out the door for a weeks vacation so I won't be able to find it -- but if you think you need it for some reason, write back back here and I'll look for it when I get back.
-steve- -
ADFBindingFilter:getRequestedSessionId() and .getSession().getId() diffent?
Hi all
To implement a security procedure we are extending ADFBindingFilter and overriding the doFilter() method.
We have one section of code that performs differently on our apps server compared to running on a local OC4J instance or using the embedded OC4J with JDeveloper.
The code is as follows.
String requestedWebSession = ((HTTPServletRequest) request).getRequestedSessionId();
String currentWebSession = ((HTTPServletRequest) request).getSession().getId();
Boolean sessionOK = currrentWebSession.equalsIgnoreCase(requestedSession);The code is used to partially determine whether the session requested is valid and works as expected in embedded OC4J with JDeveloper (10.1.3.3) and Standalone. Outputting requestedWebSession and currentWebSession to the console gives two identical session ids on embedded and standalone OC4J.
When we run the code on the apps server (10.1.3.3) and output the two variables, the session ids are for most part the same however the requestedWebSession consists of the same session id as held by currentWebSession, as well as another hex identifier appended on to the end. So the requestedWebSession is made up of a string that looks like the following:
“THE_SESSION_ID.SOME_OTHER_IDENTIFIER”.
This causes the String comparison to fail as it expects the requestedWebSession to be “THE_SESSION_ID”.
We have a workaround which ensures the entire currentWebSession string exists as part of requestedWebSession String (i.e. is a substring) but we need to ascertain whether this will potentially cause problems during upgrades etc.
The[b] only difference we can note is that on the application server, our applications are grouped together in an application group. In standalone and embedded this isn't the case.
Does anyone have any ideas as to why the other identifier is tagged on to the session?
Thanks in advance
KrisHi,
I am aware of this token appended to teh session if SSO is used. If this is the case in your implementation then its safe to substring the ID to exclude the token
Frank -
Value stored getDBTransaction()..getSession().getUserData().get loss
Session variables stored using getDBTransaction()..getSession().getUserData().get("GlobalEntityID") are getting lost automatically. Whats happening ? I have deployed my application on oracle Application server 10g . Appl developed on 10.1.3.2. Is it that when the session is idle this is happening? we need to over this . can anybody help
regards
AmitI'd recommend reading sections:
--> 28.5 Managing Custom User Specific Information
--> 28.8 Testing to Ensure Your Application Module is Activation-Safe
in the ADF Developer's Guide for Forms/4GL Developers on the ADF Learning Center at http://www.oracle.com/technology/products/adf/learnadf.html
Information in the user data area is not automatically persisted in the state management snapshot. It's your application's responsibility to save it there and reload it on activation as described in the sections above. -
Difference between getSession() and getSession(true)
I am new to servlets. I couldn't find any difference between request.getSession()
and request.getSession(true) methods. Could any one help me plese.
Thanks.I am new to servlets. I couldn't find any difference
between request.getSession()
and request.getSession(true) methods. Could
any one help me plese.
Thanks.getSession() is a convenience method shortcut for getSession(true). There is no difference. There is a difference between getSession() and getSession(false) though...
(ie, if getSession(false) will not make a new session if one does not already exist...)
Maybe you are looking for
-
How to change JTree nodes background?
hello there i have a jtree which i set its background to red but the nodes background is still white why?and how to set the nodes background to red too? and how to remove the tree border because i tried setting it to null and it doesn't work? here is
-
Help in creating a Java class to convert Html source to XML
He Everyone! I am using selenium as my automation tool I got the htmlsource of the page using selenium. Now i have to write a Java class which will convert the data (html source) (and output a data structure in standard XML format Can anyone give me
-
Hi, I am still using flash 6.0, the version the school gave me, anyway first of all are there any updates available somewhere? I'm silll with the original 6.0000000 version. Now, my main point, I am creating a flash quiz using the templates availabl
-
HT1386 My ipod is not showing up in itunes
I plug the cable in the computer and I looked for the ipod but it doesn't show it in my itunes. The ipod is found on the computer but not in itunes.
-
Slight problem with DWM, terminator, and weechat
So obviously I use arch linux. My WM is dwm. I am using terminator for weechat so I can copy/paste. Only problem is I can't use ALT + left/right of the arrow key to navigate the channels on weechat. Anyone else have this problem or a solution?