Download presentation
Presentation is loading. Please wait.
Published byMorgan Waddell Modified over 11 years ago
1
7 Copyright © 2005, Oracle. All rights reserved. Maintaining State in J2EE Applications
2
7-2 Copyright © 2005, Oracle. All rights reserved. Objectives After completing this lesson, you should be able to do the following: Maintain persistent activity from clients by using a browser Use the HttpSession object Describe state preservation
3
7-3 Copyright © 2005, Oracle. All rights reserved. First request Chris Second request Chris First request Michelle Servlet Overview
4
7-4 Copyright © 2005, Oracle. All rights reserved. Session Basics The HTTP protocol is stateless. The session mechanism guarantees that the object that serves the client knows which client has made a request. User requests from the same browser are considered to be from the same client.
5
7-5 Copyright © 2005, Oracle. All rights reserved. Session Basics Options for identifying the client: Cookies, URL rewriting, hidden fields, HttpSession Result: A unique identity assigned to every client Options for implementing sessions on the server: –Single-threaded model (not scalable) – HttpSession with a multithreaded server (Each thread uses the unique identity to process the request.)
6
7-6 Copyright © 2005, Oracle. All rights reserved. Threading Multithreaded modelSingle-threaded model Servlet instance 1 Servlet instance 2 Client 1 Client 2 Client 1 Client 2 Both clients using unique sessions, but sharing the same servlet instance Both clients using unique sessions and unique instances
7
7-7 Copyright © 2005, Oracle. All rights reserved. URL Rewriting URL rewriting: –Every URL that is accessed by the client is rewritten so that it has the session ID. –Use the encodeURL() method to re-create the path dynamically. URL rewriting is used when a client turns off cookie support in the browser.
8
7-8 Copyright © 2005, Oracle. All rights reserved. HttpSession The unique identity for the client is an HttpSession object. The object is created by using the getSession() method of the HttpRequest object. Any servlet that responds to a client request can create this object. An object can be potentially shared across several servlets. (Every servlet within an application can identify with this client.) HttpSession session = req.getSession(true);
9
7-9 Copyright © 2005, Oracle. All rights reserved. Session Objects With session objects, you can: –Put items into the object (values persist across multiple invocations from the same client) –Access items from the object –Obtain the session identity –Find out when the session was last accessed Items put in a session object can: –Implement the Serializable interface –Be relocated to a different server –Persist across servlet crashes
10
7-10 Copyright © 2005, Oracle. All rights reserved. public void doGet(…)… { response.setContentType("text/html"); PrintWriter out = response.getWriter(); HttpSession session = request.getSession(true); String sessionid = session.getId(); Integer sessionCount = (Integer)session.getAttribute("sessionCount"); if (sessionCount == null) { sessionCount = new Integer(0); } else { sessionCount = new Integer(sessionCount.intValue() + 1); } session.setAttribute("sessionCount", sessionCount); out.println(" Number of requests for the session with the id of " + " " + sessionid + " is: " + sessionCount); } Session-Based Page Counter
11
7-11 Copyright © 2005, Oracle. All rights reserved. Date dayAgo = new Date( System.currentTimeMillis() - 24*60*60*1000); Date hourAgo = new Date(…) // an hour ago Date created = new Date( session.getCreationTime()); Date accessed = new Date(…) if (created.before(dayAgo)|| accessed.before(hourAgo)) { session.invalidate(); session = … //create new } Session Life Cycle A session can expire automatically, or you can explicitly invalidate a session. The HttpSession object gets invalidated when a session expires.
12
7-12 Copyright © 2005, Oracle. All rights reserved. Session Tracking in OC4J J2EE server vendors handle session tracking in different ways. Oracle Application Server 10g Containers for J2EE (OC4J): –Uses cookies as the default method for session tracking (can be disabled by a user or within the application deployment descriptor) –Does not support auto-encoding, where session IDs are automatically encoded into the URL by the container (an expensive process) –Causes a session to expire in 20 minutes by default (modified in the deployment descriptor)
13
7-13 Copyright © 2005, Oracle. All rights reserved. Sessions and Events When a servlet stores an object in a session or removes an object from a session, the session checks whether that object implements the HttpSessionBindingListener interface. If it does, then the servlet notifies the object that it has been either: Bound to the session (by calling the objects valueBound() method, which is a good place for initializing client-specific resources) Or Unbound from a session (by calling the objects valueUnbound() method, which is a good place for releasing resources)
14
7-14 Copyright © 2005, Oracle. All rights reserved. Sessions and Events An object is bound to a session after the object is passed into the session.setAttribute() method. An object is unbound from a session: –After the object is removed by using the session.removeAttribute() method –When a session is invalidated
15
7-15 Copyright © 2005, Oracle. All rights reserved. Sessions and Events To use the event mechanism, you must perform the following steps: 1.Create a class that implements the HttpSessionBindingListener interface. 2.Instantiate the class. 3.Insert the instantiated object into the HttpSession object by using the setAttribute() method.
16
7-16 Copyright © 2005, Oracle. All rights reserved. public class EventObject implements HttpSessionBindingListener { public void valueBound( HttpSessionBindingEvent event) { // connect to the database using this client sess = event.getSession()//which session? // get values from this session object to // identify client information } public void valueUnbound( HttpSessionBindingEvent event) { // release resources } Sessions and Events Example:
17
7-17 Copyright © 2005, Oracle. All rights reserved. Creating Distributable Applications Applications are deployed as distributable by specifying the tag in the web.xml file. These applications should be developed to run in a distributed servlet container (such as OC4J) as follows: Because the ServletContext attributes exist locally in one Java virtual machine (JVM), the information that must be shared between servlets should be placed in a session, a database, or an EJB. HttpSession objects must implement the Serializable interface to be sent between JVMs.
18
7-18 Copyright © 2005, Oracle. All rights reserved. Summary In this lesson, you should have learned how to: Instantiate the HttpSession object Use the HttpSession object Implement the HttpSessionBindingListener interface
19
7-19 Copyright © 2005, Oracle. All rights reserved. Practice 7-1: Overview This practice covers the following topics: Creating an HttpSession object Tracking an order based on the HttpSession object
20
7-20 Copyright © 2005, Oracle. All rights reserved.
21
7-21 Copyright © 2005, Oracle. All rights reserved.
22
7-22 Copyright © 2005, Oracle. All rights reserved.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.