javax.servlet.http
Interface HttpSession

All Known Implementing Classes:
SessionImpl

public interface HttpSession

Sessions are a convenient way to connect users to web pages. Because HTTP requests are intrinsically stateless, cookies and sessions are needed to implement more sophisticated interfaces like user preferences.

Because a web site might easily have thousands of simultaneous sessions, session attributes generally store small chunks of data rather than large objects.

The servlet engine controls the number of active sessions through two methods: a time limit on inactive sessions, and a cap on the number of active sessions. The cap on the number of sessions is controlled by an LRU mechanism, so active sessions will not be culled. Session configuration is per-application. It looks like:

 <session-config session-max='4096'
                 session-timeout='30'/>
 

Load balancing

When using load balancing with Apache, sessions will always go to the same JVM. The session id encodes the JVM which first created the session.


Method Summary
 java.lang.Object getAttribute(java.lang.String name)
          Returns a session value.
 java.util.Enumeration<java.lang.String> getAttributeNames()
          Returns an enumeration of all the attribute names.
 long getCreationTime()
          Returns the time when the session was created.
 java.lang.String getId()
          Returns the id for the session.
 long getLastAccessedTime()
          Returns the time of last request associated with a session before the current request
 int getMaxInactiveInterval()
           
 ServletContext getServletContext()
          Returns the owning servlet context.
 HttpSessionContext getSessionContext()
          Deprecated.  
 java.lang.Object getValue(java.lang.String name)
          Deprecated.  
 java.lang.String[] getValueNames()
          Deprecated.  
 void invalidate()
          Invalidates the current session.
 boolean isNew()
          Returns true if the session is new.
 void putValue(java.lang.String name, java.lang.Object value)
          Deprecated.  
 void removeAttribute(java.lang.String name)
          Removes an attribute.
 void removeValue(java.lang.String name)
          Deprecated.  
 void setAttribute(java.lang.String name, java.lang.Object value)
          Sets an attribute value.
 void setMaxInactiveInterval(int interval)
          Sets the maximum inactive interval.
 

Method Detail

getId

java.lang.String getId()
Returns the id for the session. The session variable name is 'jsessionid'. getId returns the randomly generated value.


isNew

boolean isNew()
Returns true if the session is new. If the servlet engine found the session from the client's request, isNew is false.


getCreationTime

long getCreationTime()
Returns the time when the session was created.


getLastAccessedTime

long getLastAccessedTime()
Returns the time of last request associated with a session before the current request


setMaxInactiveInterval

void setMaxInactiveInterval(int interval)
Sets the maximum inactive interval. Sessions have a limited lifetime. When the lifetime ends, the session will be invalidated.

Parameters:
interval - the new inactive interval in seconds.

getMaxInactiveInterval

int getMaxInactiveInterval()

getAttribute

java.lang.Object getAttribute(java.lang.String name)
Returns a session value.

Parameters:
name - of the attribute.
Returns:
stored value

getAttributeNames

java.util.Enumeration<java.lang.String> getAttributeNames()
Returns an enumeration of all the attribute names.


setAttribute

void setAttribute(java.lang.String name,
                  java.lang.Object value)
Sets an attribute value. Because servlets are multithreaded, setting HttpSession attributes will generally need synchronization. Remember, users may open multiple browsers to the same page.

A typical initialization of an session attribute might look like:

 HttpSession session = request.getSession();
 String user;
 synchronized (session) {
   user = (String) session.getAttribute("user");
   if (user == null) {
     user = lookupUser(request);
     sesion.setAttribute("user", user);
   }
 }
 

Parameters:
name - of the attribute.
value - value to store

removeAttribute

void removeAttribute(java.lang.String name)
Removes an attribute. If the attribute value implements HttpSessionBindingListener, it will receive a notice when it is removed. Because servlets are multithreaded, removing ServletContext attributes will generally need synchronization.

Parameters:
name - of the attribute.

invalidate

void invalidate()
Invalidates the current session. Calling most of the session methods after invalidation will throw an IllegalStateException.

All attribute values which implement HttpSessionBindingListener, will receive a notice when they're removed at invalidation.


getSessionContext

HttpSessionContext getSessionContext()
Deprecated. 


getServletContext

ServletContext getServletContext()
Returns the owning servlet context.


getValue

java.lang.Object getValue(java.lang.String name)
Deprecated. 


getValueNames

java.lang.String[] getValueNames()
Deprecated. 


putValue

void putValue(java.lang.String name,
              java.lang.Object value)
Deprecated. 


removeValue

void removeValue(java.lang.String name)
Deprecated.