HttpSession in Servlet
HttpSession object is used to identify a user in multiple http requests. A unique session id is given to the user when the first request is intercepted. This id is stored in a request parameter or in a cookie.
How to get HttpSession object
There are two methods in HttpServletRequest interface which can be used to get HttpSession object :
- public HttpSession getSession() : Returns the current session associated with this request. If the request does not have a session, It creates a new session.
- public HttpSession getSession(boolean create) : Returns the current HttpSession associated with this request. If there is no existing session and parameter create is true, returns a new session.
How to set attribute in session object
public void setAttribute(String name,Object value);How to get attribute from a session object
String value = (String) session.getAttribute("attName"); Session management using HttpSession
login.html
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01
Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Login</title>
</head>
<body>
<form action="loginServlet" method="post">
Username:<input type="text" name="userName"/>
<br/><br/>
Password:<input type="password" name="password"/>
<br/><br/>
<input type="submit" value="Login"/>
</form>
</body>
</html>LoginServlet.java
package com.javatrainingschool;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
// get parameters from request object.
String userName = request.getParameter("userName").trim();
String password = request.getParameter("password").trim();
// check for null and empty values.
if (userName.equals("admin") && password.equals("admin")) {
HttpSession session = request.getSession();
//setting username and password in the session object
session.setAttribute("userName", userName);
session.setAttribute("password", password);
out.println("Logged in successfully.<br/>");
out.println("Click on the below link to see " + "the values of Username and Password.<br/>");
out.println("<a href='httpSessionServlet'>" + "Click here</a>");
out.close();
} else {
out.print("Wrong username or password. <br/><br/>");
RequestDispatcher requestDispatcher = request.getRequestDispatcher("/login.html");
requestDispatcher.include(request, response);
}
}
}HttpSessionExampleServlet.java
package com.javatrainingschool;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class HttpSessionExampleServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
//get parameters from session object.
HttpSession session = request.getSession(false);
String userName = (String) session.getAttribute("userName");
String password = (String) session.getAttribute("password");
out.println("Username: " + userName + "<br/><br/>");
out.println("Password: " + password);
out.close();
}
}web.xml
<web-app>
<servlet>
<servlet-class>com.javatrainingschool.LoginServlet</servlet-class>
<servlet-name>loginServlet</servlet-name>
</servlet>
<servlet-mapping>
<servlet-name>loginServlet</servlet-name>
<url-pattern>/loginServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-class>com.javatrainingschool.HttpSessionExampleServlet</servlet-class>
<servlet-name>httpSessionServlet</servlet-name>
</servlet>
<servlet-mapping>
<servlet-name>httpSessionServlet</servlet-name>
<url-pattern>/httpSessionServlet</url-pattern>
</servlet-mapping>
</web-app>Test the application
