After invalidate (), is it possible to get a new session from the request object?

Question

After invalidate (), is it possible to get a new session from the request object?

After a session is invalid, is it possible to get a new session through the request object via request.getSession () without requesting a new request?

My request object is sent to the first page to the second page and the second page to the first page again. The first page on the 2nd page and again the same page from the 2nd page to the 2nd page .... cannot be changed, but every time the first page of the 2nd page is requested we need to get detailed information about session and cancel it and create again. like this

HttpSession session = request.getsession(false) String user = (String)session.getAttribute("name"); session.invalidate(); session=request.getSession(true); RequestDispacher dis = request.requestDispatcher("path"); dis.forword(request,respone);

but it doesn’t work the second time it gives a zero session or details

also try setting a session id in future cookies like this

 Cookie[] c = request.getCookies(); for(Cookie k: c){ if(k.getName().equalsIgnoreCase("JSESSIONID")){ System.out.println("k.getValue() : "+k.getValue()); System.out.println("httpSession.getId() : "+httpSession.getId()); k.setValue(httpSession.getId()); } }

+4

servlets session invalidate

Mask5323 Aug 16 '13 at 11:52

source share

2 answers

After invalidate()

you should write

req.getSession(true)

The getSession() method then checks if an existing session already exists or not. If session exists, it will return this session object, otherwise a new session will be created and returned to the client.

otherwise, if you try to do something like

 session.inValidate(); session..trySomething() //leads to exception "Session already invalidated."

0

ꜱᴜʀᴇꜱʜ ᴀᴛᴛᴀ Aug 16 '13 at 11:56

source share

λlεx · Accepted Answer · 2013-08-16T13:53:02+0000

As for Javadocs , just call request.getSession() :

Returns the current HttpSession associated with this request, or if the current session is absent and create is true, returns a new session.
If create is false and the request does not have a valid HttpSession, this method returns null.
To ensure that the session is properly maintained, you must call this before the response is completed. If the container uses cookies to ensure session integrity and is prompted to create a new session when the response is complete, an IllegalStateException is thrown.

So calling the getSession method will create you a new session:

 final HttpSession session = request.getSession()

Here is a JSP example that proves that the code works:

test.jsp

 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Session invalidation test</title> </head> <body> <% // Uses implicit session for JSP out.println("Session is " + session); session.invalidate(); out.println("\nNew session is " + request.getSession()); request.getRequestDispatcher("/test2.jsp").forward(request, response); %> </body> </html>

test2.jsp

 <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Session invalidation test</title> </head> <body> <% out.println("Session is " + request.getSession()); %> <h1>Test 2</h1> </body> </html>

When executed on Tomcat6, the output in my browser is:

 Session is org.apache.catalina.session.StandardSessionFacade@9317bfb Test 2

which indicates that test.jsp was output and successfully redirected to test2.jsp.

After invalidate (), is it possible to get a new session from the request object?

More articles: