How can I enable session tracking for JSP
pages if the browser has disabled cookies?
session identifier with a unique user. If the browser does not support
cookies, or if cookies are disabled, you can still enable session
tracking using URL rewriting. URL rewriting essentially includes the
session ID within the link itself as a name/value pair.
However, for this to be effective, you need to append the session ID for
each and every link that is part of your servlet response. Adding the
session ID to a link is greatly simplified by means of of a couple of
methods: response.encodeURL() associates a session ID with a given URL,
and if you are using redirection, response.encodeRedirectURL() can be
used by giving the redirected URL as input.
Both encodeURL() and encodeRedirectedURL() first determine whether
cookies are supported by the browser; if so, the input URL is returned
unchanged since the session ID will be persisted as a cookie. Consider
the following example, in which two JSP files, say hello1.jsp and
hello2.jsp, interact with each other.
Basically, we create a new session within hello1.jsp and place an object
within this session. The user can then traverse to hello2.jsp by
clicking on the link present within the page.Within hello2.jsp, we
simply extract the object that was earlier placed in the session and
display its contents. Notice that we invoke the encodeURL() within
hello1.jsp on the link used to invoke hello2.jsp; if cookies are
disabled, the session ID is automatically appended to the URL, allowing
hello2.jsp to still retrieve the session object. Try this example first
with cookies enabled. Then disable cookie support, restart the brower,
and try again. Each time you should see the maintenance of the session
Do note that to get this example to work with cookies disabled at the
browser, your JSP engine has to support URL rewriting.
Integer i= (Integer )session.getValue("num");
out.println("Num value in session is "+i.intValue());
What JSP lifecycle methods can I override?
You cannot override the _jspService() method within a JSP page. You can
however, override the jspInit() and jspDestroy() methods within a JSP
page. jspInit() can be useful for allocating resources like database
connections, network connections, and so forth for the JSP page. It is
good programming practice to free any allocated resources within
The jspInit() and jspDestroy() methods are each executed just once
during the lifecycle of a JSP page and are typically declared as JSP
How do I perform browser redirection from a JSP page?
You can use the response implicit object to redirect the browser to a
different resource, as:
You can also physically alter the Location HTTP header attribute, as
You can also use the:
Also note that you can only use this before any output has been sent to
the client. I beleve this is the case with the response.sendRedirect()
method as well. If you want to pass any paramateres then you can pass
How does JSP handle run-time exceptions?
You can use the errorPage attribute of the page directive to have
uncaught runtime exceptions automatically forwarded to an error
redirects the browser to the JSP page error.jsp if an uncaught exception
is encountered during request processing. Within error.jsp, if you
indicate that it is an error-processing page, via the directive:
the Throwable object describing the exception may be accessed within the
error page via the exception implicit object.
Note: You must always use a relative URL as the value for the errorPage
How do I use comments within a JSP page?
You can use "JSP-style" comments to selectively block out code while
debugging or simply to comment your scriptlets. JSP comments are not
visible at the client.
You can also use HTML-style comments anywhere within your JSP page.
These comments are visible at the client. For example:
Of course, you can also use comments supported by your JSP scripting
language within your scriptlets.
Is it possible to share an HttpSession between a JSP and EJB? What
happens when I change a value in the HttpSession from inside an EJB?
You can pass the HttpSession as parameter to an EJB method, only if all
objects in session are serializable. This has to be consider as
"passed-by-value", that means that it's read-only in the EJB.
If anything is altered from inside the EJB, it won't be reflected back
to the HttpSession of the Servlet Container.The "pass-byreference" can
be used between EJBs Remote Interfaces, as they are remote references.
While it IS possible to pass an HttpSession as a parameter to an EJB
object, it is considered to be "bad practice" in terms of object
oriented design. This is because you are creating an unnecessary
coupling between back-end objects (ejbs) and front-end objects (HttpSession).
Create a higher-level of abstraction for your ejb's api. Rather than
passing the whole, fat, HttpSession (which carries with it a bunch of
http semantics), create a class that acts as a value object (or
structure) that holds all the data you need to pass back and forth
Consider the case where your ejb needs to support a non-http-based
client. This higher level of abstraction will be flexible enough to
How can I implement a thread-safe JSP page?
You can make your JSPs thread-safe by having them implement the
SingleThreadModel interface. This is done by adding the directive <%@
page isThreadSafe="false" % > within your JSP page.
Page Numbers : 1