0

I have a web app which contains two servlets, one to render my JSP pages, and another to generate PDFs. I use session state between the JSP pages and want to pass a session object to the PDF servlet.

Here's an example of how I set the session values in the JSP:

MyObject o  = (MyObject)session.getAttribute("my.object");
if (o == null)
{
    o = new MyObject();
    session.setAttribute("my.object", o);
}

I then post off to my new servlet for the PDF generation from a link in my JSP

<a href="../pdfgen?f=d&t=c" target="_blank">Generate a draft report for review</a>

I thought I could use the HTTPRequest object to return the session in my servlet as follows:

public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
    HttpSession session = request.getSession(false);
    MyObject o = (MyObject) session.getAttribute("my.object");
}

Using the above code I get a null session object from the request.

If I use request.getSession(true) I get a session object, but of course it doesn't contain anything in the attribute my.object.

How is this supposed to work? What are the rules about sharing session state between servlets.

Tomcat 6

TIA

Simon
  • 78,655
  • 25
  • 88
  • 118

2 Answers2

1

Can you check if you have this by any chance declared :<%@ page session="false" %> ?

If you are using JSP implicit session object to set a value, it should be available to the servlet.

You code looks valid though..

basav
  • 1,453
  • 10
  • 18
  • no, no such declaration. I'm a little baffled by this not working, as far as I can tell it should. I just get a null session object from the request. – Simon Mar 04 '11 at 18:32
  • is this MyObject() serializable? – basav Mar 04 '11 at 19:28
0

Don't set it in the JSP. It might be already too late then since JSP is part of the HTTP response and can already have committed the response. Whenever a new session needs to be created, the servlet container needs to add the session cookie to the HTTP response header. But that ain't going to happen when the response is already committed. Depending on the servletcontainer, you should have seen an IllegalStateException in the server logs when attempting to do so.

Set it in the servlet instead, before forwarding the request to the JSP (the one of which you said that it "renders" JSP).

Unrelated to the concrete problem, don't use request.getSession(false) in cases you need the session, just use request.getSession(). Those potential NPEs and nullchecks are clumsy. Also writing raw Java code in JSP (using scriptlets) is considered poor practice.

Community
  • 1
  • 1
BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
  • Thanks for the scriptlet advice, I feel the same way, however I don't think a fundamental re-architecture of the code is in bounds right now, which is what that would require. – Simon Mar 04 '11 at 18:37
  • I'm using the default JSP servlet to render the main pages. The PDF servlet is completely separate. I don't quite get how the JSP could have committed the response given that I am handing of to a completely different servlet. – Simon Mar 04 '11 at 18:42
  • A response is committed when the HTTP response headers are sent. Your best try is to put the scriptlet in the **very top** of the JSP page, before any character/line of template text which is candidate to be sent to the client side and may thus force commit of the response. If that doesn't help, create a servlet which does the job in `doGet()` and then forwards the request to the JSP to display the HTTP response (and then change the URL to call that servlet instead of the JSP). – BalusC Mar 04 '11 at 18:46