Preserving session in Java with sendredirect

Question

I am creating a Login Application in JAVA.I am making the presentation in JSP and all the logic (Database connectivity) in Servlet [this is not a right approach I know that]. I check the username Password in Servlet and then create a session variable. and add the session like this

sess.setAttribute("username",oName);

Then I redirect the user to its homepage say student.jsp

response.sendRedirect("student.jsp");

It removes the session variable.I need a way to preserve the session variable and move to student.jsp.I tried to use forwading but that didn't worked out.

RequestDispatcher dispatcher =
                getServletContext()
                    .getRequestDispatcher("/student.jsp");

            if (dispatcher != null) {
                dispatcher.forward(request, response);
            }

It forward request but the Page address doesn't change to student.jsp which is not good. Any help in this regard will be appreciated Thank you

That's how forwarding works: replacing the content of the browser, not the URL. You need to use redirect, but somehow the browser where you're making the tests doesn't allow cookies. Enable the cookies in your browser and run the application again. — Luiggi Mendoza, Nov 19 '12 at 22:38
here is a good tutorial That may help you for forwading.Its eqivalent of JSP forwading in Servlet http://www.javapractices.com/topic/TopicAction.do?Id=181 — require_once, Nov 19 '12 at 20:42

Akber Choudhry · Accepted Answer · 2013-08-30T23:15:27.320

For the redirected request to come back and attach to the same session, it needs a session ID, usually carried in a JSESSIONID (or another name) cookie or in the URL as a parameter.

This cookie or URL parameter should be added by the servlet container and you should not have to add it yourself.

If you do not see the cookie in your browser, and you are not attaching the JSESSIONID to the URL, then it is creating a new session with each request, and not attaching to the same session.

score 0 · Answer 2 · answered Apr 28 '17 at 10:55

0

Try to edit your tomcat context.xml file and replace <Context> tag to <Context useHttpOnly="false"> , this helped me.

answered Apr 28 '17 at 10:55

Benas

2,106
2
39
66

score 0 · Answer 3 · answered Dec 05 '19 at 15:06

Some browsers like Chromium for instance do not allow cookies from localhost or IP addresses, so the session cannot be preserved and changes on every refresh. This can be easily checked with the browser developer tools that show all cookies of the request.

For development, set up your workstation to resolve some more serious name (like host.kitty.com) into localhosts. Under Linux, just add entry to /etc/hosts.

score -1 · Answer 4 · edited Aug 23 '13 at 12:13

-1

Use the RequestDispatcher and set your username variable using request.setAttribute(). In this case the dispatcher will not create a new request but the same request will be forwarded using the forward() method.

edited Aug 23 '13 at 12:13

Prasad Kharkar

13,410
5
37
56

answered Jan 10 '13 at 16:35

Sandeep1007

1

1

This won't solve OP's concrete problem at all. This way the user is not logged-in in any subsequent request. – BalusC Jan 10 '13 at 18:10

Preserving session in Java with sendredirect

4 Answers4

Linked