javax.servlet.http
Interface HttpSession


public interface HttpSession

Sessions are a convenient way to connect users to web pages. Because HTTP requests are intrinsically stateless, cookies and sessions are needed to implement more sophisticated interfaces like user preferences.

Because a web site might easily have thousands of simultaneous sessions, session attributes generally store small chunks of data rather than large objects.

The servlet engine controls the number of active sessions through two methods: a time limit on inactive sessions, and a cap on the number of active sessions. The cap on the number of sessions is controlled by an LRU mechanism, so active sessions will not be culled. Session configuration is per-application. It looks like:

 <session-config session-max='4096'
                 session-timeout='30'/>
 

Load balancing

When using load balancing with Apache, sessions will always go to the same JVM. The session id encodes the JVM which first created the session.


Method Summary
 java.lang.Object getAttribute(java.lang.String name)
          Returns a session value.
 java.util.Enumeration getAttributeNames()
          Returns an enumeration of all the attribute names.
 long getCreationTime()
          Returns the time when the session was created.
 java.lang.String getId()
          Returns the id for the session.
 long getLastAccessedTime()
          Returns the time when the session was last accessed.
 int getMaxInactiveInterval()
           
 HttpSessionContext getSessionContext()
          Deprecated.  
 java.lang.Object getValue(java.lang.String name)
          Deprecated.  
 java.lang.String[] getValueNames()
          Deprecated.  
 void invalidate()
          Invalidates the current session.
 boolean isNew()
          Returns true if the session is new.
 void putValue(java.lang.String name, java.lang.Object value)
          Deprecated.  
 void removeAttribute(java.lang.String name)
          Removes an attribute.
 void removeValue(java.lang.String name)
          Deprecated.  
 void setAttribute(java.lang.String name, java.lang.Object value)
          Sets an attribute value.
 void setMaxInactiveInterval(int interval)
          Sets the maximum inactive interval.
 

Method Detail

getId

public java.lang.String getId()
Returns the id for the session. The session variable name is 'jsessionid'. getId returns the randomly generated value.

isNew

public boolean isNew()
Returns true if the session is new. If the servlet engine found the session from the client's request, isNew is false.

getCreationTime

public long getCreationTime()
Returns the time when the session was created.

getLastAccessedTime

public long getLastAccessedTime()
Returns the time when the session was last accessed.

setMaxInactiveInterval

public void setMaxInactiveInterval(int interval)
Sets the maximum inactive interval. Sessions have a limited lifetime. When the lifetime ends, the session will be invalidated.
Parameters:
interval - the new inactive interval in seconds.

getMaxInactiveInterval

public int getMaxInactiveInterval()

getAttribute

public java.lang.Object getAttribute(java.lang.String name)
Returns a session value.
Parameters:
name - of the attribute.
Returns:
stored value

getAttributeNames

public java.util.Enumeration getAttributeNames()
Returns an enumeration of all the attribute names.

setAttribute

public void setAttribute(java.lang.String name,
                         java.lang.Object value)
Sets an attribute value. Because servlets are multithreaded, setting HttpSession attributes will generally need synchronization. Remember, users may open multiple browsers to the same page.

A typical initialization of an session attribute might look like:

 HttpSession session = request.getSession();
 String user;
 synchronized (session) {
   user = (String) session.getAttribute("user");
   if (user == null) {
     user = lookupUser(request);
     sesion.setAttribute("user", user);
   }
 }
 
Parameters:
name - of the attribute.
value - value to store

removeAttribute

public void removeAttribute(java.lang.String name)
Removes an attribute. If the attribute value implements HttpSessionBindingListener, it will receive a notice when it is removed. Because servlets are multithreaded, removing ServletContext attributes will generally need synchronization.
Parameters:
name - of the attribute.

invalidate

public void invalidate()
Invalidates the current session. Calling most of the session methods after invalidation will throw an IllegalStateException.

All attribute values which implement HttpSessionBindingListener, will receive a notice when they're removed at invalidation.


getSessionContext

public HttpSessionContext getSessionContext()
Deprecated.  


getValue

public java.lang.Object getValue(java.lang.String name)
Deprecated.  


getValueNames

public java.lang.String[] getValueNames()
Deprecated.  


putValue

public void putValue(java.lang.String name,
                     java.lang.Object value)
Deprecated.  


removeValue

public void removeValue(java.lang.String name)
Deprecated.