How to maintain session with JavaServlet

Question

I want to do a login with javaServlets.

I did this in the past with PHP. But I found this short tutorial to do it with JavaServlets: http://www.studytonight.com/servlet/login-system-example-in-servlet.php

I just wonder, how they check later if the user is logged in. In PHP I started a SESSION and within this SESSION there was the session_username/id stored. So I could just check if there is a session, and if yes I read the sessionparameter where the username is stored and so I could load user specific content.

How does this work here? Can anyone help me? Thanks!

are you looking for how data store/retrieving from sesion into JavaServlet ? — Vishal Gajera, Mar 29 '16 at 14:46

score 1 · Answer 1 · answered Mar 29 '16 at 14:58

1

You would get HttpSession object by calling the public method getSession() of HttpServletRequest, as below:

HttpSession session = request.getSession();

Source

answered Mar 29 '16 at 14:58

Harshul Pandav

1,016
11
23

So can I check if the session exists directly in my HTML/JSP ? – progNewbie Mar 29 '16 at 15:10
Yes you can. You can refer to http://stackoverflow.com/questions/17419727/how-to-use-session-in-jsp-pages-to-get-information – Harshul Pandav Mar 29 '16 at 15:31

score 1 · Accepted Answer · answered Mar 29 '16 at 15:25

You will need to add session information usually through servlet (get/post) request so your login.jsp page would point to Login and redirect you to homepage.jsp

  public class Login extends HttpServlet {
    public void doGet(HttpServletRequest request, HttpServletResponse response){

        HttpSession session = request.getSession();
        String user = (String)request.getParameter("userName");
        session.setAttribute("userName", user);

        request.getRequestDispatcher("/homepage.jsp").forward(request, response);
    }
  }

You can access session information directly inside jsp several ways

<%
  String userId = request.getSession().getAttribute("userName");
%>

or using jstl (you will have to add library from jstl)

<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<c:if test="${not empty sessionScope.userName}">
  User logged in as <c:out value="${sessionScope.userName}" />
</c:if>

score 0 · Answer 3 · edited May 23 '17 at 12:08

I would use a Servlet Filter where you can check if the session exists

boolean loggedIn = (session != null) && (session.getAttribute("UserID") != null);

The filter will direct all traffic to it (based on what you tell its pages to direct to in web.xml). The filtered traffic can then be checked if the session exists and continue or redirect user to correct page.

How to maintain session with JavaServlet

3 Answers3