API Documentation for Servlets and JSP: Interface HttpSession

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

javax.servlet.http
Interface HttpSession

public abstract interface HttpSession

Provides a way to identify a user across more than one page request or visit to a Web site.

The servlet engine uses this interface to create a session between an HTTP client and an HTTP server. The session persists for a specified time period, across more than one connection or page request from the user. A session usually corresponds to one user, who may visit a site many times. The server can maintain a session either by using cookies or by rewriting URLs.

This interface allows servlets to

View and manipulate information about a session, such as the session identifier, creation time, or context
Bind objects to sessions, allowing you to use an online shopping cart to hold data that persists across multiple user connections

HttpSession defines methods that store these types of data:

Standard session properties, such as a session identifier or session context
Data that the application provides, accessed using this interface and stored using a dictionary-like interface

The servlet can obtain data from the session, modify it, and return it to the session, as this example shows: //Get the session object - "request" represents the HTTP servlet request HttpSession session = request.getSession(true); //Get the session data value - an Integer object is read from //the session, incremented, then written back to the session. //sessiontest.counter identifies values in the session Integer ival = (Integer) session.getValue("sessiontest.counter"); if (ival==null) ival = new Integer(1); else ival = new Integer(ival.intValue() + 1); session.putValue("sessiontest.counter", ival);

When an application stores an object in or removes it from a session, the session checks whether the object implements HttpSessionBindingListener. If it does, the servlet notifies the object that it has been bound to or unbound from the session.

An HTTP session represents the server's view of the session. The server considers a session new under any of these conditions:

The client does not yet know about the session
The session has not yet begun
The client chooses not to join the session, for example, if the server supports only cookies and the client rejects the cookies the server sends

When the session is new, the isNew() method returns true.

You must write your servlet to handle cases in which the client has not joined a session. The following code example calls isNew to determine whether a session is new. If it is, the server requires the client to start a session by directing the client to a welcome page which the user must enter before gaining access to other pages on the site. //Get the session object - "request" represents the HTTP servlet request HttpSession session = request.getSession(true); //insist that the client starts a session //before access to data is allowed //"response" represents the HTTP servlet response if (session.isNew()) { response.sendRedirect (welcomeURL); }

Version:: $Version$
Author:: Various
See Also:: HttpSessionBindingListener, HttpSessionContext

Method Summary
`long`	`getCreationTime()` Returns the time when this session was created, measured in milliseconds since midnight January 1, 1970 GMT.
`java.lang.String`	`getId()` Returns a string containing the unique identifier assigned to this session.
`long`	`getLastAccessedTime()` Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT.
`int`	`getMaxInactiveInterval()` Returns the maximum time interval, in seconds, that the servlet engine will keep this session open between client requests.
`HttpSessionContext`	`getSessionContext()` Deprecated. As of Version 2.1, this method is deprecated and has no replacement. It will be removed in a future version of the Java Servlet API.
`java.lang.Object`	`getValue(java.lang.String name)` Returns the object bound with the specified name in this session or null if no object of that name exists.
`java.lang.String[]`	`getValueNames()` Returns an array containing the names of all the objects bound to this session.
`void`	`invalidate()` Invalidates this session and unbinds any objects bound to it.
`boolean`	`isNew()` Returns `true` if the Web server has created a session but the client has not yet joined.
`void`	`putValue(java.lang.String name, java.lang.Object value)` Binds an object to this session, using the name specified.
`void`	`removeValue(java.lang.String name)` Removes the object bound with the specified name from this session.
`void`	`setMaxInactiveInterval(int interval)` Specifies the maximum length of time, in seconds, that the servlet engine keeps this session if no user requests have been made of the session.

Method Detail

getCreationTime

public long getCreationTime()

Returns the time when this session was created, measured in milliseconds since midnight January 1, 1970 GMT.

Returns:: a long integer specifying when this session was created relative to 1-1-1970 GMT
Throws:: java.lang.IllegalStateException - if you attempt to get the session's creation time after the session has been invalidated

getId

public java.lang.String getId()

Returns a string containing the unique identifier assigned to this session. The identifier is assigned by the servlet engine and is implementation dependent.

Returns:: a string specifying the identifier assigned to this session

getLastAccessedTime

public long getLastAccessedTime()

Returns the last time the client sent a request associated with this session, as the number of milliseconds since midnight January 1, 1970 GMT.

Actions that your application takes, such as getting or setting a value associated with the session, do not affect the access time.

The last accessed time can help you manage sessions. For example, the sessions can be sorted according to age to optimize some task.

Returns:: a long integer representing the last time the client sent a request associated with this session, expressed in milliseconds since 1-1-1970 GMT
Throws:: java.lang.IllegalStateException - if the session is invalid

getMaxInactiveInterval

public int getMaxInactiveInterval()

Returns the maximum time interval, in seconds, that the servlet engine will keep this session open between client requests. You can set the maximum time interval with the setMaxInactiveInterval method.

Returns:: an integer specifying the number of seconds this session remains open between client requests
See Also:: setMaxInactiveInterval(int)

getSessionContext

public HttpSessionContext getSessionContext()

Deprecated. As of Version 2.1, this method is deprecated and has no replacement. It will be removed in a future version of the Java Servlet API.

getValue

public java.lang.Object getValue(java.lang.String name)

Returns the object bound with the specified name in this session or null if no object of that name exists.

Parameters:: name - a string specifying the name of the object
Returns:: the object with the specified name
Throws:: java.lang.IllegalStateException - if the session is invalid

getValueNames

public java.lang.String[] getValueNames()

Returns an array containing the names of all the objects bound to this session. This method is useful, for example, when you want to delete all the objects bound to this session.

Returns:: an array of strings specifying the names of all the objects bound to this session
Throws:: java.lang.IllegalStateException - if the session is invalid

invalidate

public void invalidate()

Invalidates this session and unbinds any objects bound to it.

Throws:: java.lang.IllegalStateException - if the session is already invalid

isNew

public boolean isNew()

Returns true if the Web server has created a session but the client has not yet joined. For example, if the server used only cookie-based sessions, and the client had disabled the use of cookies, then a session would be new.

Returns:: true if the server has created a session, but the client has not yet joined
Throws:: java.lang.IllegalStateException - if the session is invalid

putValue

public void putValue(java.lang.String name,
                     java.lang.Object value)

Binds an object to this session, using the name specified. If an object of the same name is already bound to the session, the object is replaced.

Parameters:: name - the name to which the object is bound; cannot be null; value - the object to be bound; cannot be null
Throws:: java.lang.IllegalStateException - if the session is invalid

removeValue

public void removeValue(java.lang.String name)

Removes the object bound with the specified name from this session. If the session does not have an object bound with the specified name, this method does nothing.

After this method executes, and if the object implements HttpSessionBindingListener, the object calls HttpSessionBindingListener.valueUnbound.

Parameters:: name - the name of the object to remove from this session
Throws:: java.lang.IllegalStateException - if the session is invalid

setMaxInactiveInterval

public void setMaxInactiveInterval(int interval)

Specifies the maximum length of time, in seconds, that the servlet engine keeps this session if no user requests have been made of the session.

Parameters:: interval - An integer specifying the number of seconds