Be Careful in setting the session to never time out. Remember that each
session takes up memory on the server, and if the session never times
out, there will be many session sitting in idle until the servlet engine
is restarted, or the server runs out of memory.
Also, if you use session, the browser needs to accept cookies.
Secondly, in my opinion, if your site is a secure site where users need
to log in, and do a few tasks, I'd recommend sessions, i.e. like
Internet Banking does.
On the other hand, if you site just wishes to store information about a
user has selected, etc.. and keep it relative to the browser the user is
on, then cookies are ok.
And the other option is to use the old, but effective fashion <INPUT
TYPE=HIDDEN> html field to store data, but it get messy in transferring
information from page to page.
~andrew
-----Original Message-----
From: horwat [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 25 September 2001 12:04 PM
To: [EMAIL PROTECTED]
Subject: Re: Sessions and Cookies part 2.
I'm not sure about Resin, but in Tomcat if you have a negative max
inactive
interval then your sessions will not timeout.
Justy
----- Original Message -----
From: "Patrick Fong" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 24, 2001 5:30 PM
Subject: Sessions and Cookies part 2.
> Hi
>
> I think I left out something with my last email. (I have my last email
> appended to this email, so that people have a reference to it.)
>
> My question is can we stop the session from going to null/timing out?
If
> the session times out, building a web site around session variables
would
> be very unstable. In this instance, it would be better to use cookies
> instead. However it is difficult as not all web browsers are cookies
enabled.
>
> I also would like to hear people's opinion of this as well - sessions
or
> cookies? (At the moment, its cookies because session variables are
unstable.)
>
> -------------------------------- MY old
email --------------------------------
> Hi
> I have a problem with using session object and cookies with jsps.
> The problem is that I have set the session max inactive interval to 5
hours
> (300 mins * 60 secs) and after a certain time - the shortest being 5
mins,
> the session times out. When I access a session variable using
people_id =
> (String) session.getAttribute("people_id"); I get a
nullpointerException.
> Anyone here knows whats wrong. Here is a sniplet of my code.
> in the login.jsp file
> int sessionTime = 300*60; file://300 mins session time
> session = request.getSession(true);
> session.setMaxInactiveInterval(sessionTime);
> session.setAttribute((String) "group_id",group_id);
> session.setAttribute((String) "role_id", role_id);
> session.setAttribute((String) "accessTime", new Long(accessTime));
> in other files
> session = request.getSession();
> String people_id = (String) session.getAttribute("people_id");
> etc etc.
> I have used the following function to detect whether the session is
null
or
> not
> if (session.getAttribute("people_id")!=null) {
>
>
> }
> else {
> throw new Exception("no people access. ");
> }
> Sometimes this works and other times, a null pointer exception is
raised,
> eg the 'no people access' is raised. Is this a problem in Resin (I am
using
> Resin 1.2.5) ? Or a problem with my source?
> Patrick
>
>
========================================================================
===
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
> For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
>
========================================================================
===
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
==========================================================================To
unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
