TechQA.

Scope of session object

427 views Asked by At

1)

As mentioned here,

HttpSession objects must be scoped at the application (or servlet context) level, where context is,

ServletContext context = request.getServletContext();

2)

HttpSession object is created per browser session, in tomcat memory.

-----------------------------------------------------------------

Am unable to relate above two points.

An application is collection of different servlets. A servlet spawn a thread per connection from every browser. Every jsp/servlet points to a version of session object that the browser points to.

How can a session object that is created per browser gets scoped at web application level?

java session servlets jsessionid servlet-container
Original Q&A
1

There are 1 answers

0
Hashcon On

Session(or session id) is generated at server and transfer to browser through cookie or URL rewriting(when cookie is banned in browser).

In general, a session id is generated while user access the website. And after logging in, the server will change the session id for safety issues.

Session expired when:

(1)call session.invalidate()

(2)timeout configuration:

<session-config>
<session-timeout>xxx</session-timeout>
<session-config>

(3)Server restart(while the sessionid is saved in local cache)

Related Questions in JAVA

Related Questions in SESSION

Related Questions in SERVLETS

Related Questions in JSESSIONID

Related Questions in SERVLET-CONTAINER

Popular Questions

Trending Questions