CODEWITHSUNDEEP
javajspsession
ctst
ctst

Reputation: 1680

Reset session in jsp without invalidating

I want to reset the session in a JSP page without invalidating it. The reason for this is, the user might have an already opened page using the session and invalidating it would throw a NullPointerException. Since a fresh session is already been catched, I don't want to add an additional catch-phrase. The goal is to clean all Attributes.

I am looking for something like:

session = new HttpSession(); //this does obviously not work

an alternative would be (?)

while(session.getAttributeNames().hasMoreElements()){
    session.removeAttribute(session.getAttributeNames().nextElement());
}    //cleans session?

But I am not sure, if this deletes some necessary session-attributes like login-data.

Is there a nice way to do this?

Edit: The best solution would be, each time you open a certain page you create a new session for that window/tab until you close the tab or revisit that page in this tab. This question occurred by the attempt to solve this problem.

Upvotes: 8

Views: 5107

Answers (3)

Prabakaran Mathi
Prabakaran Mathi

Reputation: 11

you can make use of this trick like we used to set the values in session

session.setAttribute( "name", "value");

instead of resetting the whole session object,just set some empty values to session parameters so it will be null and session Object will not throw NullPointerException.

for example

session.setAttribute( "name", "");

Upvotes: 1

Roman C
Roman C

Reputation: 1

Yes there's a nice way to do this. Create a class that wraps the HttpSession object and implement a Map interface. In the implementation you can manipulate session attributes without invalidation of the session. Similar like the implemented code for SessionMap in the Struts2 framework. You can read docs page for SessionMap here.

A simple implementation of the Map interface to handle a collection of HTTP session attributes. The entrySet() method enumerates over all session attributes and creates a Set of entries. Note, this will occur lazily - only when the entry set is asked for.

Similar implementation of SessionMap you can find in JSF. The docs page you can find here.

public class SessionMap extends
    java.util.AbstractMap<java.lang.String,V>

See Also: javax.faces.context.ExternalContext#getSessionMap()

If you use any of these frameworks, you can use or override the clear() method to get what you want.

Upvotes: 4

penguineer
penguineer

Reputation: 86

The HttpSession API clearly does not provide such feature.

The above loop might be written a bit nicer using the Java5 iterator idiom:

for (final String an : session.getAttributeNames()) {
    session.removeAttribute(an);
}

But that requires the Enumeration to be iterable.

What I am wondering: You want to clear all session data, but still keep the session so that some other control run, which seems to be using the session, does not crash. Does this really work? The second control run will not find any session data, as you have completely cleared out the session.

I believe one of those is true:

  1. your session clean-up removes data needed by the second control-run
  2. it would be better to invalidate the session and enable the control-run to deal with an invalidated session.

The HttpSession documentation clearly states that any entity using the session must be able to deal with the fact that a session gets lost or never existed in the first place, so point 2 should be implemeneted anyways.

In the sense of extendiblity (what happens if there is data from other processes in your session? Your loop would clear them out as well) I suggest instead of clearing the whole session you keep track of the session values put by your control-run and clear out those explicit values only.

Upvotes: 3

Related Questions