You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Rebekah Lepro <rs...@psu.edu> on 2001/09/26 20:28:10 UTC

HttpSession object returned from request.getSession

Hello all -

A question regarding sessions:
Assume that sessions are tracked in a web application, ie. 
request.getSession(true) is used to grab sessions.  Now, a client makes 2 
or concurrent requests to a servlet after a session has been established, 
say by hitting a submit button twice on a form.  Within the doPost method 
which of the following is true:

1)  Both calls to request.getSession(true) return the exact same object
2)  Both calls to request.getSession(true) return two different session 
objects that contain the same information.

I need to be able to synchronized actions at a client level, so that if two 
requests come from the same client they execute serially, but two requests 
come from two different clients, they can interact concurrently.  The only 
way I could think to do this was with a synchronized block on 
HttpSession.  This won't work, however, if each request creates a new 
HttpSession per request.   The api doesn't specify behavior that I could 
see.....

Thanks for the insight.
Rebekah
Rebekah Lepro - rsl102@psu.edu
Applied Research Laboratory
The Pennsylvania State University
P.O. Box 30, State College PA 16804
Phone: +1-814-863-8122 Fax: +1-814-863-1183

Re: HttpSession object returned from request.getSession

Posted by "Craig R. McClanahan" <cr...@apache.org>.


On Wed, 26 Sep 2001, Rebekah Lepro wrote:

> Date: Wed, 26 Sep 2001 14:28:10 -0400
> From: Rebekah Lepro <rs...@psu.edu>
> Reply-To: tomcat-user@jakarta.apache.org
> To: tomcat-user@jakarta.apache.org
> Subject: HttpSession object returned from request.getSession
>
> Hello all -
>
> A question regarding sessions:
> Assume that sessions are tracked in a web application, ie.
> request.getSession(true) is used to grab sessions.  Now, a client makes 2
> or concurrent requests to a servlet after a session has been established,
> say by hitting a submit button twice on a form.  Within the doPost method
> which of the following is true:
>
> 1)  Both calls to request.getSession(true) return the exact same object
> 2)  Both calls to request.getSession(true) return two different session
> objects that contain the same information.
>
> I need to be able to synchronized actions at a client level, so that if two
> requests come from the same client they execute serially, but two requests
> come from two different clients, they can interact concurrently.  The only
> way I could think to do this was with a synchronized block on
> HttpSession.  This won't work, however, if each request creates a new
> HttpSession per request.   The api doesn't specify behavior that I could
> see.....
>

The safest way to approach this would be to synchronize on some session
attribute that you've added.  That way, your locking would work correctly
no matter which of the two interpretations were actually the case.

> Thanks for the insight.
> Rebekah
> Rebekah Lepro - rsl102@psu.edu
> Applied Research Laboratory
> The Pennsylvania State University
> P.O. Box 30, State College PA 16804
> Phone: +1-814-863-8122 Fax: +1-814-863-1183
>
>

Craig McClanahan