Matt said:
I want to confirm the differences between request.setAttribute(key,
value) versus session.setAttribute(key, value).
My understanding is that request.setAttribute only make the key
available in the following jsp page. But session.setAttribute will
make the key available in many pages, as long as in the same session,
and browser not close.
A request attribute will be accessible via the specified key to all JSP
pages (and other servlets) processing the same HTTP request. There may
be more than one such page / servlet if (and only if) one of them
forwards to or includes another; an HTTP redirect, in contrast, causes
the client to issue a new request. A human user explicitly asks for a
new request to be issued by clicking the "reload" button in his browser.
A session attribute will be accessible via the specified key to all JSP
pages (and other servlets) processing a request in the same session.
Period. Closing all browser windows will typically prevent any more
requests from being issued in any previously existing sessions tied to
that browser; I don't know of any exceptions to that behavior, but it is
outside the scope of the servlet spec.
For example, the flow like page1->page2->page3->page4.
session.setAttribute will make the key available in all pages. But if
There are some caveats, but basically yes.
we use request.setAttribute in page2, then only page3 can get the key
value set in page2.
I'm guessing that you mean the user clicks on a link or posts a form on
page1 to get to page2; and likewise to get from page2 to page3 and from
page3 to page4. Each page is then served up in response to a separate
request, and in that case NO, a request attribute set by page2 is NOT
accessible in page3, it is only accessible in page2. Furthermore, such
a request attribute must be set anew during processing of *each visit*
to page2 if it is to be used by the page implementation -- it is not
inherited from any previous visit to that page.
As Sudsy was pointing out, you also need to watch out for caching
behavior. User agents (generally browsers), proxies, and web servers
all may cache responses under certain circumstances. All may cause
trouble, but the most likely to do so are user agents. For instance,
when a human user clicks the "Back" button on his browser's toolbar, he
will generally get a cached version of the previously visited page
instead of causing a new request to be issued for that page. This may
be different from what he would get by reissuing the same request by
which the cached page was originally fetched.
John Bollinger
(e-mail address removed)