You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Enrique Rodriguez <la...@telefonica.net> on 2002/03/22 04:40:18 UTC
Application without cookies and sessions
Hi all,
I'm very newbie with struts and java. I'm developing an application anf I
don't like to use cookies or session objects.
Focusing in the struts example, the user is in the session. Why not set this
object in the request parameter in all the actions and jsps??
ActionClass
//Code
request.setParameter("user", user);
//more code
Jsp
//Code
<%
pageContext.setParameter("user", user);
%>
//more code
Is this a good practice??
Is there another ways to do it??
Regards, Enrique.
_____________________________
Enrique Rodriguez Lasterra
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Application without cookies and sessions
Posted by Ted Husted <hu...@apache.org>.
The intent of the Struts Example is not to demonstrate best practices,
but to demonstrate how to do several things that developers commonly
want to do. One thing that many developers like to do is store objects
in the session context, and so the example demonstrates how this can be
done. Of course, there are many ways to do most anything, and Struts is
designed so that it can support just about any scheme you choose.
-- Ted Husted, Husted dot Com, Fairport NY US
-- Developing Java Web Applications with Struts
-- Tel: +1 585 737-3463
-- Web: http://husted.com/about/services
Enrique Rodriguez wrote:
>
> Hi all,
>
> I'm very newbie with struts and java. I'm developing an application anf I
> don't like to use cookies or session objects.
>
> Focusing in the struts example, the user is in the session. Why not set this
> object in the request parameter in all the actions and jsps??
>
> ActionClass
> //Code
> request.setParameter("user", user);
> //more code
>
> Jsp
> //Code
> <%
> pageContext.setParameter("user", user);
> %>
> //more code
>
> Is this a good practice??
>
> Is there another ways to do it??
>
> Regards, Enrique.
>
> _____________________________
> Enrique Rodriguez Lasterra
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Application without cookies and sessions
Posted by Nicolas De Loof <ni...@cgey.com>.
You can configure the session time-out on your servlet container. (refer to
it's documentation). I currently use 30 minutes for web administration
application.
When the time-out occurs, the session collection and it's included objects
are destroyed.
If you configure a very high time-out, be carreful that the memory used by
the session has to be released when the user quits, using a Disconnect URL
that invalidates the session (see javax.servlet.http.HTTPSession javadoc).
There is a mecanism to make the session being persistant: The session
objects and ID are store to a database. This is called "persistant session
management". I've never used it, but perhaps you're interested ?
> Hi Nicolas,
>
> First of all, thank you very much for your response.
>
> What about the session timeout??? I don't like websites that if you left
it
> for ten minutes you have to login again.
>
> Is there any way to do a site without take care of session timeouts??
>
> Regards, and pardon for my english.
>
> Enrique.
>
> _____________________________
> Enrique Rodriguez Lasterra
>
>
> > De: Nicolas De Loof
> >
> >
> > Don't panic about session and cookies !
> >
> > Session are used to maintain state in your application between 2 request
> > from user : HTTP is a non connected protocol, so you cannot know
> > where your
> > user comes from where you perform a request.
> >
> > Session is just a Collection of objects in memory associated whith an id
> > that servlet container maintain for you. User browser whith cookies
> > activated receives a cookie with this id so that the container is able
to
> > link future request to the session collection associated with the user.
> > Without cookies, URL are expanded to add the id as a parameter of
> > requests.
> >
> > If you put objets in the request scope, after the JSP has
> > produced the HTML
> > page the objects are destroyed ! Your user objet that MUST be retrieved
in
> > other requests MUST be in the stored session scope.
> >
> > > Hi all,
> > >
> > > I'm very newbie with struts and java. I'm developing an
> > application anf I
> > > don't like to use cookies or session objects.
> > >
> > > Focusing in the struts example, the user is in the session. Why not
set
> > this
> > > object in the request parameter in all the actions and jsps??
> > >
> > > ActionClass
> > > //Code
> > > request.setParameter("user", user);
> > > //more code
> > >
> > > Jsp
> > > //Code
> > > <%
> > > pageContext.setParameter("user", user);
> > > %>
> > > //more code
> > >
> > >
> > > Is this a good practice??
> > >
> > > Is there another ways to do it??
> > >
> > > Regards, Enrique.
> > >
> > >
> > > _____________________________
> > > Enrique Rodriguez Lasterra
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <ma...@jakarta.apache.org>
> > > For additional commands, e-mail:
> > <ma...@jakarta.apache.org>
> >
> >
> > --
> > To unsubscribe, e-mail:
> > <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> > <ma...@jakarta.apache.org>
> >
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Application without cookies and sessions
Posted by Sean Willson <se...@divine.com>.
There are a number of ways this can be handled. You can set your timeout
at a larger value but then you can have memory bloat if there are to
many sessions. You can also create an object that implements the
HttpSessionListener or HttpSessionBindingListener interface. When the
user logs in place this object in their session, this object being the
user object you want to save or the state you want to save. Be sure it
implements one of both of those interfaces. Then when the container
attempts to remove or destroy the session you can save the users data
either to the database or serialize it somewhere to flat file, that's up
to you. You can then as a part of the login process on your site check
for serialized user data somewhere (database or flat file depending on
how you implemented) and load that data back into their session. That
way you don't lose any data they may have saved.
Hope this helps some ... don't be afraid of sessions, just make sure you
intelligently manage them.
Sean
Enrique Rodriguez wrote:
> Hi Nicolas,
>
> First of all, thank you very much for your response.
>
> What about the session timeout??? I don't like websites that if you left it
> for ten minutes you have to login again.
>
> Is there any way to do a site without take care of session timeouts??
>
> Regards, and pardon for my english.
>
> Enrique.
>
> _____________________________
> Enrique Rodriguez Lasterra
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Application without cookies and sessions
Posted by Enrique Rodriguez <la...@telefonica.net>.
Hi Nicolas,
First of all, thank you very much for your response.
What about the session timeout??? I don't like websites that if you left it
for ten minutes you have to login again.
Is there any way to do a site without take care of session timeouts??
Regards, and pardon for my english.
Enrique.
_____________________________
Enrique Rodriguez Lasterra
> De: Nicolas De Loof
>
>
> Don't panic about session and cookies !
>
> Session are used to maintain state in your application between 2 request
> from user : HTTP is a non connected protocol, so you cannot know
> where your
> user comes from where you perform a request.
>
> Session is just a Collection of objects in memory associated whith an id
> that servlet container maintain for you. User browser whith cookies
> activated receives a cookie with this id so that the container is able to
> link future request to the session collection associated with the user.
> Without cookies, URL are expanded to add the id as a parameter of
> requests.
>
> If you put objets in the request scope, after the JSP has
> produced the HTML
> page the objects are destroyed ! Your user objet that MUST be retrieved in
> other requests MUST be in the stored session scope.
>
> > Hi all,
> >
> > I'm very newbie with struts and java. I'm developing an
> application anf I
> > don't like to use cookies or session objects.
> >
> > Focusing in the struts example, the user is in the session. Why not set
> this
> > object in the request parameter in all the actions and jsps??
> >
> > ActionClass
> > //Code
> > request.setParameter("user", user);
> > //more code
> >
> > Jsp
> > //Code
> > <%
> > pageContext.setParameter("user", user);
> > %>
> > //more code
> >
> >
> > Is this a good practice??
> >
> > Is there another ways to do it??
> >
> > Regards, Enrique.
> >
> >
> > _____________________________
> > Enrique Rodriguez Lasterra
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Application without cookies and sessions
Posted by Nicolas De Loof <ni...@cgey.com>.
Don't panic about session and cookies !
Session are used to maintain state in your application between 2 request
from user : HTTP is a non connected protocol, so you cannot know where your
user comes from where you perform a request.
Session is just a Collection of objects in memory associated whith an id
that servlet container maintain for you. User browser whith cookies
activated receives a cookie with this id so that the container is able to
link future request to the session collection associated with the user.
Without cookies, URL are expanded to add the id as a parameter of requests.
If you put objets in the request scope, after the JSP has produced the HTML
page the objects are destroyed ! Your user objet that MUST be retrieved in
other requests MUST be in the stored session scope.
> Hi all,
>
> I'm very newbie with struts and java. I'm developing an application anf I
> don't like to use cookies or session objects.
>
> Focusing in the struts example, the user is in the session. Why not set
this
> object in the request parameter in all the actions and jsps??
>
> ActionClass
> //Code
> request.setParameter("user", user);
> //more code
>
> Jsp
> //Code
> <%
> pageContext.setParameter("user", user);
> %>
> //more code
>
>
> Is this a good practice??
>
> Is there another ways to do it??
>
> Regards, Enrique.
>
>
> _____________________________
> Enrique Rodriguez Lasterra
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>