You are here:

Java/Session management


I am getting problem in session management In my application Like if i logged in with two different users and At the time  of Log out I invalidate the Session But My always first user is log out while i am doing log out the Second user.

So sir Tell me 2 Things
1- In My Application I have Lot of Hyperlink At Right and Left Navigation of the Logged in User So i have to Pass The Session ID Through Each and Every Hyper Link So that Application Server recognize that the Request Come From The Same user??

2-I am Doing at the login time "request.getsession(true); session.setAttribute("username",username);  And the Time of Log Out I am doing "session.removeAttribute("username");session.invalidate()"
So I have to Pass Something From Session At the time Of Every Activity By the User??? and how??

ANSWER: 1. Provided the session doesn't time out, any thing you put in the session like username should still be there.

After using get session, you should use:
String userName = session.getAttribute("username");
if(userName == null)
  ... //Redirect to login page

The log page that handles loging in is the only place you should use:

---------- FOLLOW-UP ----------

QUESTION: Dear Sir, I m working in Web Sphere Application Server and i want to User URL rewriting technique And I have Configured the Application Server To URL Rewriting. So when I do First Time Login, Its Automatically Set The Jsession Id Like "http//;jsessionid=x...y" But After Login The User has More Left and Right Navigation But When He clicked One Of Them The Jsession id is not appending with the URL.
So sir Please  Can U Clear me
1- The Application Server Will Always Automatically append This Jsession Id Each and Every Linked Clicked By the User.
2- Or I have To get This Jsession id Fist Time and Send Again and Again with The Each and Every URL.

The session does not need to appear in the URL. It should be able to keep track of it based on the user's IP address. It is possible that this setting is disabled (for more security). It is also possible that the jsession id is passed over POST instead of GET.

You are probably asking the wrong person about this though, as I haven't done any work in JSP.


All Answers

Answers by Expert:

Ask Experts


Artemus Harper


I have a Masters in computer science. I can answer questions on core J2SE, swing and graphics. Please no questions about JSP or J2ME.


I have experience in Core Java, good background in Java swing/gui, some experience with JNI, Java reflection. Some experience in bio-informatics. Basics in c++ and c#

Washington State University

MS in Computer Science from Washington State University and a BS in Mathematics and Computer Science from Central Washington University.

©2016 All rights reserved.