Session tracking in JSP pages
I've two pages in my web application which need regular refresh after a particular interval.I'm using
(session.setMaxInactiveTime) to check the session validation.& HTML's <META> tag to regularly refresh the page after particular interval.
On these two pages there are links to the different pages for which i'm opening a new window.
But i'm losing the session after some time & i'm not able to catch the source from where the session is getting invalidated.even when i'm using meta tag of html to refresh the page.
I'm also using HttpSessionEventListener Interface to know when the session.putValue & session.removeValue
functions are used.
I hope the problem is clear to you people.
an urgent help/suggestion will be appreciated.
thanks in advance
Hi,
it isn't easy see your problem. When you losing your session? When you hava open a link from your page i a new browser window (instance) and return?
Also check follow: when no validate session exist, a jsp open a new session, else you use <%@ page session="false" %>
Roland
Similar Messages
-
How to do session tracking in JSP
I want to do session tracking in my JSP pages.Say once after the user logs in,on every page I can get his username for further use.Thank you for your help!
Richard<%
session.setAttribute("svUserName", request.getParameter("name_of_username_form_field"));
// from the login page
%>
then to retrieve,
<% String UserName;
UserName = (String)session.getAttribute("svUserName").toString(); %>
to display,
<%= UserName %> -
How to use Session scope in jsp page
Hello, I have login form, where user provides username and password. Then click on submit, it will forward to validation.jsp. Where it will check in database make sure username and password exit. Now i can also retrive accountid of perticular user. I want to put that username and accountid in session scope. so all other pages can use that username and accountid. How can i do that. I'm new at this, so please provide me example too. Here is my code for login.jsp and validation.jsp..
Validation.jsp
<%@ page import="java.util.*" %>
<%@ page import="java.sql.*" %>
//String name = request.getParameter( "username" );//
//session.setAttribute( "accountID",accountID );//
<%
String connURL = "jdbc:oracle:thin:@orca.csc.ncsu.edu:1521:ORCL";
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
Class.forName("oracle.jdbc.driver.OracleDriver").newInstance();
conn = DriverManager.getConnection(connURL, "vapatel","pjdas");
stmt = conn.createStatement();
String user=request.getParameter("userName");
String password=request.getParameter("password");
boolean entrance=false;
stmt.excuteQuery("SELECT AccountID From Password WHERE USERNAME='"+user+"'");
rs = stmt.executeQuery("SELECT * FROM Password WHERE USERNAME='"+user+"' AND PASSWORD='"+password+"'");
while(rs.next()){
String dbUser = rs.getString("USERNAME");
String dbPassword= rs.getString("PASSWORD");
if ((user.equals(dbUser)) && (password.equals(dbPassword))){
entrance=true;
if (entrance==true){%>
<jsp:forward page="form.jsp"/>
<%}
else{%>
<jsp:forward page="login.jsp"/>
<%}
%>hi,
to put something into session scope in a jsp page use:
session.setAttribute("counter", Integer.toString(5));to retrieve is from a jsp page use:
String counterAttribute = (String)session.getAttribute("counter"); -
How the hell does a person share session data between JSP page and a Servle
1. How the hell does one share session data between a servlet and a JSP page without using a bean but rather using a normal string variable.
2. When using session scope to access a bean the application complains about not finding the bean on the specified scope, however when I use an application scope the save the same bean, the application does find it.
Please help!!!!!!!
SERVLET:
HttpSession session = request.getSession(true);
ServletContext servletContext = session.getServletContext();
customerID = result.getString("CustomerID");
userName = result.getString("UserName");
session.setAttribute("UserName",userName);
session.setAttribute("CustomerID",customerID);
System.out.println("Customer UserName = " + session.getAttribute("UserName"));
response.sendRedirect("/economics/subscriptions/default.jsp");
JSP PAGE:
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root xmlns:jsp=http://java.sun.com/JSP/Page mlns:c="http://java.sun.com/jsp/jstl/core" xmlns:sql="http://java.sun.com/jsp/jstl/sql" version="2.0">
<jsp:directive.page isThreadSafe="true" session="true" contentType="text/xml"/><jsp:output omit-xml-declaration="false"/><jsp:scriptlet>response.addHeader("x-xslt-nocache", "true");</jsp:scriptlet><pml>
<page type="web" search="y">
<pageName>Commercial Banking</pageName>
<jsp:directive.include file="/economics/header.inc"/>
<jsp:directive.include file="/login.inc"/>
<jsp:directive.include file="/economics/leftMenu.inc"/>
<!--<jsp:useBean id="UserName" type="java.lang.String" scope="session" />-->
<content>
<searchSum>Commercial - Main Content</searchSum>
Value = <c:out value="${request.session.getAttribute("UserName")}"/>
</content>
<jsp:directive.include file="/economics/rightNav.inc"/>
<jsp:directive.include file="/footer.inc"/>
</page></pml></jsp:root>For a start, just "session" instead of "request.session" would work better. But why did you post this here and not in the JSP forum? Doesn't seem to have anything to do with Java programming.
-
Seting a JSp variable to session scope in JSp page itself
Hi,
I have code like this
<HTML>
<HEAD>
<TITLE>Change Password</TITLE>
<LINK REL ="stylesheet" TYPE="text/css" HREF="stylesheet/vclinical.css" TITLE="Style">
</HEAD>
<BODY>
<form name="form">
<select name="ss" onChange="this.form.qq.value=options[selectedIndex].value;getit()">
<option value=1>ss1</option>
<option value=2>ss2</option>
</select>
<input type="text" name="qq" value="">
<%
String asd=request.getParameter("qq");
session.setAttribute("Stored", asd);
System.out.println("value is"+asd);
%>
</form>
</BODY>
</HTML>
here i want to set value of a JSP variable qq to session scope and here i am not invoking any servlet i want value of qq in next JSP page i am not submitting the page so how i can handle this. this code does not work so please tell me how to do this i am using struts frame workif you are using the struts framework, then you can make an ActionForm with getters and setters for the stuff that you are writing in the JSP i mean the radio buttons and text boxes etc
from that action form you can get the values any time any where
you just need to enter some thing like below in the struts-config.xml file
<form-bean name="the action form name" type="package name.Actionform name" />
<action path="/controller " type="package name.controller name" name="Action form name" scope="session">
you can either put the action form in request scope or session scope -
hi,
we have used JSP and JavaBeans in a simple employee database kindof application. each employee has a manager and some details. an employee logs into the system using his employee id and a password and performs related tasks.
we are unable to maintain session details for the same. we have a login bean which contains the employee id and password and these details are forwarded to each JSP page when required but somehow the data is getting mixed up. for instance, if two users sign in at the same time then the data for the two is gettign mixed up and there is no demarcation for the same.
can anyone help me with this ?
thanks in advanceIf you are using a bean to maintain user data, then declaring this with session scope is all you need to do to keep the information seperate.
Make sure that data the bean accesses is not shared in any way, for example, if you use a common class to access the database, make sure each bean instantiates its own copy.
Are you testing this with two users on different machines? If testing on one machine, firefox does not allow multiple sessions, IE does. -
Hi All,
I am using JSF JSP pages. One such page is login.jsp I have backing object backing_login
On successful login, listUser.jsp page is displayed. In this page, I have a HTML --- Commons Hyperlink component as follows.
<tr>
<td height="17">
<a href="http://129.212.139.36:8991/GeminiLogin-ViewController-context-root/faces/listUsers.jsp">
Manage Users
</a>
<afh:script binding="#{backing_createModify.script1}"
id="script1"/>
</td>
</tr>
Now the question:---
I do get to know the UserType in the backing_login object (either 'cma' or 'ea').
Now, if it is cma I want the above link tobe dispalyed in listUser.jsp else DO NOT display the link.
How can I do that ? I dont know, how to pass UserType information available in baking_login to the listUser.jsp and
second, how can conditionally use that info to either hide or display that hyperlink ?
Your help appreaciated.
thanks in advance
ppYou can use an ADF Faces link component and condition the display attribute for it on the value of your backing bean
There are some samples of conditional display in the posts from Grant here:
http://groundside.com/blog/GrantRonald.php?m=200512 -
How to manage session tracking in jsp
how to track user account upto when he log out from the application. and tell me how to develop secure page.
You've posted this to the wrong forum: this forum is about Java Web Start, which is a product of Sun Microsystems.
-
Session Login and Logout in jsp page
hi
i am developing jsp page
i completed except logout.jsp page
my login page is in Jsp format and then business Logic in servlet and then get method & set method in bean.java
i have login and then it sucess page there i have singout button
if i sign out it should go to login page
how to do
how to make session invalidate
how to get session id
i have one more doubt i should check session invalidate each jsp page
regarding session login and logout in jsp
if anybody knows please give me a piece of code regarding login and logout
Regards
AkshathaThis is part of your filter class now you need login.jsp page
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="Stylesheet" type="text/css" href="/PAS/css/site.css"/>
<title>Automation System | Login Page</title>
</head>
<body>
<div align="center">
<h1>Photint Automation System</h1>
</div>
<br/><br/><br/>
<center>
<table border="1" cellpadding="0" cellspacing="0" width="40%" bgcolor="FFFFFFFF">
<thead>
<tr>
<th align="left" height="30"> <h3> Login</h3></th>
</tr>
</thead>
<tbody>
<tr>
<td>
<div align="center">
<form name="LOGIN" action="/PAS/LoginServlet" method="POST">
<table border="0">
<tbody>
<tr>
<td height="15"></td>
<td height="15"></td>
<td height="15"></td>
<td height="15"></td>
</tr>
<tr>
<td height="30"></td>
<td align="right" height="30">User Name : </td>
<td align="left" height="30"><input type="text" name="USERNAME" value="" size="35" /></td>
<td height="30"></td>
</tr>
<tr>
<td height="30"></td>
<td align="right" height="30">Password : </td>
<td align="left" height="30"><input type="password" name="PASSWORD" value="" size="35" /></td>
<td height="30"></td>
</tr>
<tr>
<td height="50"></td>
<td height="50"></td>
<td align="center" height="50"><input type="submit" value="Login" name="Login" /> <input type="reset" value="Reset" name="Reset" /></td>
<td height="50"></td>
</tr>
</tbody>
</table>
</form>
</div>
</td>
</tr>
</tbody>
</table>
</center>
<br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/>
<br/><br/><br/>
<center>Copyright © 2009 Photint FZ LLC</center>
<center>Powered by Ali Jamali</center>
<center>Version : 1.0</center>
</body>
</html>And you need loginServlet.java
package com.ali.util.filter;
import com.ali.entity.user.UserEntity;
import com.ali.util.HibernateUtil;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("USERNAME");
String password = request.getParameter("PASSWORD");
if (username == null || username.length() == 0) {
System.err.println(" Username textfeild is empty ..... !");
RequestDispatcher dispatcher = request.getRequestDispatcher("Pages/user/LogIn.jsp");
dispatcher.forward(request, response);
return;
if (UserRegistry.isUserLoggedIn(username)) {
System.out.printf("User [%s] is already logged in. \n", username);
RequestDispatcher dispatcher = request.getRequestDispatcher("Pages/user/LogIn.jsp");
dispatcher.forward(request, response);
return;
UserEntity user = null;
try {
user = (UserEntity) HibernateUtil.load(UserEntity.class, username);
if (user == null || !user.getPassword().equals(password)) {
RequestDispatcher dispatcher = request.getRequestDispatcher("Pages/user/LogIn.jsp");
dispatcher.forward(request, response);
System.err.println(" Password or username is not valid ..... !");
return;
} catch (Exception e) {
e.printStackTrace();
RequestDispatcher dispatcher = request.getRequestDispatcher("Pages/user/LogIn.jsp");
dispatcher.forward(request, response);
return;
HttpSession session = request.getSession();
System.err.println(request.getRemoteAddr());
session.setAttribute("username", user.getFirstName());
session.setAttribute("userType", user.isAdmin());
UserRegistry.logInUser(username);
response.sendRedirect("/PAS/index.jsp");
}finally is you need to just one user can be online at time or need to know how many user & who is online you should at this class also
package com.ali.util.filter;
import java.util.ArrayList;
import java.util.List;
public class UserRegistry {
private static final List loggedInUsers = new ArrayList();
public static void logInUser(String username) {
loggedInUsers.add(username);
public static void logoutUser(String username) {
if (isUserLoggedIn(username)) {
loggedInUsers.remove(username);
public static boolean isUserLoggedIn(String username) {
return loggedInUsers.contains(username);
}If you have any more Q. or any comment , Most welcome
Thanks
Ali Jamali -
Accessing session attribute in output jsp page
Hi i am not getting any output in jsp page...
i am getting just heading
i think some problem with Session attribute..
if so how to access session been in jsp page
my code is here
<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<%--
The taglib directive below imports the JSTL library. If you uncomment it,
you must also add the JSTL library to the project. The Add Library... action
on Libraries node in Projects view can be used to add the JSTL 1.1 library.
--%>
<%--
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
--%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Tauvex Search Output</title>
</head>
<body>
Tauvex Search Output
<table>
<c:forEach items="${myDataList}" var="myData">
<tr>
<td>${myData.Fitsfilename}</td>
<td>${myData.RA_START}</td>
<td>${myData.RA_END}</td>
<td>${myData.DEC_START}</td>
<td>${myData.DEC_END}</td>
<td>${myData.telescope}</td>
<td>${myData.STARTOBS}</td>
<td>${myData.ENDOBS}</td>
<td>${myData.FILTER}</td>
</tr>
</c:forEach>
</table>
<%--
This example uses JSTL, uncomment the taglib directive above.
To test, display the page like this: index.jsp?sayHello=true&name=Murphy
--%>
<%--
<c:if test="${param.sayHello}">
<!-- Let's welcome the user ${param.name} -->
Hello ${param.name}!
</c:if>
--%>
</body>
</html>
plz reply soon
thanks a lotthis is what i set in servlet
request.setAttribute("myDataList", myDataList);
request.getRequestDispatcher("someJspFile.jsp").forward(request, response);
how can i access that session attribute in jsp -
What role can ejb Session Beans play jsp session tracking
I am also looking for a way to use JSP as ejb client with WLS5.1. i would appreciate any help.
-Girish
Prasad Peddada <[email protected]> wrote:
>David,
> The beans which are refered in jsp specs are java beans and not EJB.
>
>Prasad
>
>David Levy wrote:
>>
>> Hello,
>>
>> We are using Jsp/Servlets which will hold session state and subsequently
>> call ejb Session Beans for transaction/persistence coordination . We are
>> not sure if we are using the correct techniques to control object memory.
>>
>> Summary of what we have:
>>
>> A jsp with the "useBean" directive:
>> <jsp:useBean id="MySession" class="com....MySession"
>> scope="session"></jsp:useBean>
>>
>> The class MySession holds other classes ( all serializable).
>> The class MySession is NOT an ejb Session Bean
>>
>> Questions:
>> We are considering making class MySession an ejb Session Bean so (via it's
>> passivate/activate feature) we can control instances in memory as more web
>> clients start the session from the jsp page. I.E. all web clients will have
>> their own HttpSession instance which holds on to an ejb Session Bean object
>> "MySession"( or a passivated representation of it)
>>
>> 1) Is this a sufficient approach or will there be other memory concerns?
>> I.E. What about all the HttpSession objects out there? Do they need to be
>> passivated as well?
>>
>> 2) If its a good idea to passivate the HttpSessions as well, then what
>> mechanism should be used ( servlet session persistence)? Also, if we are
>> passivating the HttpSession (which holds on to the MySession object graph)
>> , then why bother with the SessionBean for passivation
>>
>> 3) Currently, we only have a single instance of a servlet handling all
>> requests. Will multiple instances buy us anything?
>>
>> 4) How does clustering relate to this topic?
>>
>> 5) Can we change the "jsp:useBean" directive so MySession is an ejb Session
>> Bean or do we have to do the "home.create()" within a jsp script?
>>
>> thanks,
>> dave
-
Disable non-SSL session tracking?
Hi, all,
I wonder if one can disable all session tracking in JSP's whenever SSL is not being used? I would like to turn off all cookie-setting and URL-rewriting and use SSL-session tracking only (if I use session-tracking at all on a given page). I also want to specify this behavior programmatically (inside my JSP's) and not in my server's config files.
I'm basically concerned that if my user leaves one of my HTTPS pages, they will still retain a non-secure cookie with their session information. This seems to be indeed the default behavior: when I run my tests and transition from an HTTPS page to an HTTP one, the browser does store a cookie. I know I can invalidate the session as the next step, but I'd rather have the cookie not being set altogether to begin with. Imagine the situation where the user leaves my HTTPS page for a totally different (HTTP) website: in this setting I won't get a chance to invalidate the session and delete the cookie.
Any ideas, therefore, on how to programmatically disable non-SSL session-tracking?
Thanks,
Dmitri.I don't think you can do this programatically.
However I also don't think it is a problem.
Cookies are related to zone names aren't they?
http://mysite and https://mysite are two different
zones as far as cookies are concerned. One should
not be able to see the other.
It issues a new cookie for the http site you are just
navigating to. That cookie has nothing to do with
the secure site you just came from, and shouldn't be
able to tell them any info about the secure site.
I think you are worrying about something that isn't
really there.
What is your concern? That they pick up a JSESSIONID
from the cookie and can then pretend to be a
different user?Yes. A cookie is transmitted and stored unencrypted, I imagine (in any case, it should be more easily crackable than SSL). I wish Sun came up with an extension to the Session API where you would be able to explicitly specify which session-tracking protocols you want used and which ones you don't. At the moment their API abstracts and manages too much detail for you.
I mean, if my site is supposed to be secure while I'm using SSL, then you'd expect that no information about those secure sessions should leak outside the SSL protocol, wouldn't you say? -
Junk characters like" � � "displayed in the jsp page please help.
Hi,
I am getting junk characters like � � displayed in the jsp page.
In the JSP page i used javascript "& nbsp" for appending spaces to a string "CCR" to get "CCR " .
Now the Resultant string "CCR " has three spaces appended to its right.
This String is set in session in that JSP page.
In the next JSP page i am getting that string from session.
After getting the string the "substring" function is performed to get only the first 5 charcters of the string. Now the result is displayed as " CCR� � " with has last 2 characters as junk values � � insteed of displaying as "CCR ". Please help me in solving this issue.
Please note that initially the sting "CCR" is got from the Oracle database in Solaris Machine.
Regards,
Vijayhave you tried:
strenuously inspecting the string that is coming from the db? do an actual loop over the string, character by character, dumping to System.out to make sure the characters are EXACT coming out of the db.
note you have to append " " not just "& nbsp"
post the code that is doing the output. the relevant bean code, the jsp, everything relevant - WITH COMMENTS discussing where things are happening.
Also, is it "weird characters" in the browser only? have you done a view source on the actual html source that the browser is rendering (right click in IE and click view source). browsers can act odd if you don't feed then exactly what they want, and it looks like you're feeding it escaped characters that it is rendering as something else. -
Problem accessing session variable from jsp
Hi!
I get an error retrieving a session variable from inside a JSP declaration scriptlet....
Something like this code in a JSP page:
<%!
public void funtion1() {
String parameter1 = session.getAttribute("parameter1");
%>I have seen that I have available getContextServer() method and from there I could call getAttribute("parameter1") . But the thing is that the attribute I want to retrieve was stored in session by another Jsp page.
Any solutions are welcome
Cheers
VictorAppropriately the above is one the reasons also You cannot use JSP implicit objects from the declaration tag. However we can think of a small workaround by passing the reference like the one discussed below
<%!public void funtion1(HttpSession session) {
String parameter1 = session.getAttribute("parameter1").toString();
}%>
<% funtion1(session);%>Hope that helps :)
REGARDS,
RaHuL -
Calling Session Beans in JSP ?
Hi Folks,
I am new to EJB3, I am doing simple applicatuions.
Can any one please tell me how to call session beans in jsp page.
for example my case is.. iam entering two diffrent data, lets say user name and password in jsp page and this should go in data base thru JPA (entity beans)
Iam able to enter data from JPA in data base but if the same i have to fetch from JSP page.. iam not getting..!
I would really appretiate for your help i need it urgent...!
thanks in advance.abishek1983 wrote:
Hi Folks,
I am new to EJB3, I am doing simple applicatuions.
Can any one please tell me how to call session beans in jsp page.
Not. You can, technically, but you shouldn't. JSP should be for display purposes only, containing no Java code whatsoever.
for example my case is.. iam entering two diffrent data,Wrong. You cannot possibly have "2 data", the very concept is impossible.
You can have "2 data items" which is probably what you intended to say?
lets say user name and password in jsp page and this should go in data base thru JPA (entity beans)
Iam able to enter data from JPA in data base but if the same i have to fetch from JSP page.. iam not getting..!
Same way you insert them. Of course JPA entities are distinctly different from entity beans. The very concept of entity beans no longer exists in the context of JPA, it's solely used to mean EJB 2.1 or earlier entity beans.
I would really appretiate for your help i need it urgent...!
It's not urgent.
Maybe you are looking for
-
Opening a word doc from HTML in IE
Hi Guys, In my portal, i have one html page, where there is a link to open a word document, if i click on that link, it is directly showing the content on the html page, rather than asking for whether you want to save that word file or open a file or
-
Payment terms and delivery terms
Dear SAP Gurus, How to create new payment terms and delivery terms in Materials Management module and what are the settings required/integration with FICO mudule.Please guide me. Thanks and regards Mahesh
-
I lost my Maps Application. It's now where to be found! I even checked my restrictions! Does anyone know how to get it back? TIA
-
Can you tell me of some good blogs?
I want to research BLOGS. Can you suggest one or two (other than the iWeb blog) that are user friendly and easy on the eyes? A friend just sent me the URL for her blog on eBlog and it seems OK but I am sure that there are better ones. I have to say t
-
Shared technologies error can't downloade Photshop Elements 11
When I try to download Photoshop Elements 11 I get an error message error while installing share technologies.