0

Why session is lost or ended when cache is cleared. While session is mentioned on server. I am java developer and I got session from HttpServletRequest object.

We manage the session on server side. Then how it is related with browser and client? Why our website is logged out when cache is cleared?

I tried it with my gmail account. When i close browser and again open gmail or when i clear cache it shows me logged out. I did google about but could not got satisfying answer. can anybody clear it?

Abhendra Singh
  • 1,959
  • 4
  • 26
  • 46
  • 1
    cookies is the answer but I would suggest you go through http://stackoverflow.com/questions/3106452/how-do-servlets-work-instantiation-session-variables-and-multithreading for a more detailed knowledge – AurA Jan 25 '13 at 09:38

4 Answers4

1

The standard mechanism for tracking sessions is a cookie. Clearing your browser's cache, and therefore your cookies as well, will result in no session ID being sent to the server when a request is made, so it has no choice but to begin a new session.

Anthony Grist
  • 38,173
  • 8
  • 62
  • 76
0

Your server-side framework is using a cookie on the client machine to track sessions. When that disappears, it loses session context.

Andrew
  • 11,894
  • 12
  • 69
  • 85
0

I'm assuming you are talking about your browser cache when you say "cache is cleared."

If so, one of the things you are doing when you are clearing your cache is deleting all the cookies that the sites you visit have set. The cookie is what holds the identifier that the web-site (e.g. GMail) uses to determine you are the same person who logged in as "Abhendra Singh" earlier.

RB.
  • 36,301
  • 12
  • 91
  • 131
0

Your Session object on server is just representation. Session information are maintained by cookies in browser by default, with cookie named JSESSIONID. You can find out more here, see the answer from BalusC.

In case when cookies are disabled on browser JSESSIONID must be appended as parameter to URL. This means that in case of redirection you must call HttpServletResponse#encodeRedirectURL or use c:url tag for links in your page.

Community
  • 1
  • 1
partlov
  • 13,789
  • 6
  • 63
  • 82
  • Thanks for your time and support. From your post and your link i think that When we create our session on server, an cookie is implicitly created on browser. Am I going on right direction? If I am right then what will be happen if user disable cookie on client? – Abhendra Singh Jan 25 '13 at 11:07
  • I changed answer for situation when cookies are disabled. – partlov Jan 25 '13 at 11:25