uses a cookie if the client Web browser supports that, or it can also use URL

rewriting to carry the session ID that is associated with the client.

The data that is stored in the HttpSession object is shared across requests

from the same machine. Therefore, the HttpSession object is also suitable to

store individual session profile data from the client.

The HttpSession object is not persistent data. It is deleted after a time out

period or by the invalidate() method. In order to store data persistently,

WebSphere provides a UserProfile (see Section 5.1.1.2,  User profile

tracking  on page 140).

The HttpSession description can be found at

http://java.sun.com/products/servlet/2.1/api/javax.servlet.http.HttpSession.html

More information on session tracking can be found at:

http://java.sun.com/docs/books/tutorial/servlets/client state/session tracking.html

3.5.2.2 Using the HttpSession object

To use these session objects, we obtain a session object, get or put values to

this object, and invalidate it if we need to remove the context.

Obtaining a session object

To obtain a session object associated with the client, we use the getSession

method as follows (we assume

req

is of type HttpServletRequest):

boolean flag=true;

HttpSession session=req.getSession(flag);

This obtains the current valid session associated with this request from the

client. The flag indicates whether a session object should be created if it is

not found.

Getting values from a session object

For example, to get the username value from the session, we use the

getValue method associated with the session object as follows:

String username=(String) session.getValue( username )

Putting values to a session object

We can also set values in the session using the putValue method. In the

following example, we associated the password key with a value of

elephant

:

session.putValue( password , elephant )

82

Linux Web Hosting with WebSphere, DB2, and Domino