<< Chapter < Page Chapter >> Page >
(Recall however, the setMaxAge method can be called on a cookie to cause it to persist beyond the current active period of the browser. Browserssave long-life cookies from one active period to the next. There may be some way to accomplish that using the session tracking API as well but that isspeculation on my part.)

On my server, the session continues until

  • The client exits the browser
  • The servlet purposely invalidates the session
  • The server invalidates the session due to timeout or other condition

Maintaining session state

All that the programmer has to do to maintain session state is to put objects into the HttpSession object, and to get objects from the HttpSession object.

The programmer can also get information about the session from the HttpSession object as well.

Name::value pairs

Data objects are stored in the HttpSession object using a dictionary-like interface. Each object stored in the HttpSession object is stored under a String name. Data objects are retrieved under the name associated with the object. (This is another case of using name::value pairs.)

The fact that the data objects may actually be stored on the client machine (possibly in cookies) is transparent to the programmer.

Is the data stored in cookies?

With my local Tomcat server, the fact that the data objects are being stored in cookies on the client machine can be verified by setting the browserpreferences to disallow the use of cookies. This results in the counter value that I will explain later never progressing beyond that shown in Figure 1 . This indicates that the servlet is unable to establish a session when cookies aredisabled.

Events

If you instantiate your data objects from classes of your own design, you can process events that are generated whenever the object is put in or removed fromthe HttpSession object. In order to be able to receive events, your classes must implement the HttpSessionBindingListener interface.

(I also believe, but am not certain, that in order for the objects instantiated from your classes to be eligible for being saved in thesession object, your classes must implement the Serializable interface. This makes it possible to decompose an object into a stream of bytes and to reconstructthose bytes into an object later.)

Event handlers

When a data object of a class that implements the HttpSessionBindingListener interface is put into the HttpSession object, the following method is called on the data object:

valueBound(HttpSessionBindingEvent e)

When a data object of a class that implements the HttpSessionBindingListener interface is removed from the HttpSession object, the following method is called on the data object:

valueUnbound(HttpSessionBindingEvent e)

No registration is required

Unlike the typical case in Java programming, no special registration of the event listener is required. Simply implementing the interface on the object is sufficient to cause it to receive events when it is put into or removed from the HttpSession object. You can define those two methods to provide whatever behavior may be needed when the events occur.

Get Jobilize Job Search Mobile App in your pocket Now!

Get it on Google Play Download on the App Store Now




Source:  OpenStax, Object-oriented programming (oop) with java. OpenStax CNX. Jun 29, 2016 Download for free at https://legacy.cnx.org/content/col11441/1.201
Google Play and the Google Play logo are trademarks of Google Inc.

Notification Switch

Would you like to follow the 'Object-oriented programming (oop) with java' conversation and receive update notifications?

Ask