S
Steve Claflin
Almost any book on servlets has the obligatory note about
HttpSession.isNew() and the client choosing not to join the session.
But I haven't seen one that presents a strategy for dealing with it.
And it seems that any well written code would need to take that
possibility into account.
That implies that the first page the user gets to can't do any real work
other than to try and initiate the session, so that the second, real,
page can find out if the session was joined. And I wouldn't want my
main page to try to set cookies, so the navigation should go main page
--> session initiating page --> real page.
It also implies that I would need a fallback strategy if the session
can't be maintained, like a form with a hidden field (but then I have to
use a submit button instead of an ordinary link) or rewrite links (in
which case I have to do GET instead of POST and end up with extra
garbage in the URL) *. Of course, if I'm going to go to all the work of
coding that fallback strategy, why not use it all the time and dispense
with the session?
* Or use javascript in the page, in which case I need a fallback
strategy for that being disabled.
Is there a "standard" strategy for dealing with this?
HttpSession.isNew() and the client choosing not to join the session.
But I haven't seen one that presents a strategy for dealing with it.
And it seems that any well written code would need to take that
possibility into account.
That implies that the first page the user gets to can't do any real work
other than to try and initiate the session, so that the second, real,
page can find out if the session was joined. And I wouldn't want my
main page to try to set cookies, so the navigation should go main page
--> session initiating page --> real page.
It also implies that I would need a fallback strategy if the session
can't be maintained, like a form with a hidden field (but then I have to
use a submit button instead of an ordinary link) or rewrite links (in
which case I have to do GET instead of POST and end up with extra
garbage in the URL) *. Of course, if I'm going to go to all the work of
coding that fallback strategy, why not use it all the time and dispense
with the session?
* Or use javascript in the page, in which case I need a fallback
strategy for that being disabled.
Is there a "standard" strategy for dealing with this?