Servlet & JSP – 16 – Session – 03

Merhaba Arkadaslar,
Bu yazida HttpSession arabiriminin bize sagladigi bazi metotlari inceleyecegiz. Bu metotlar ;

public long getCreationTime();
public long getLastAccessedTime();
public void setMaxInactiveInterval(int interval);
public int getMaxInactiveInterval();
public void invalidate();

Ornek Uygulama

Yeni bir paket ve sinif olusturalim ve listeledigimiz metotlari kullanalim ;
_09_HttpSession.more
MoreSessionMethods.java

MoreSessionMethods.java

package _09_HttpSession.more;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class MoreSessionMethods extends HttpServlet {

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

		HttpSession session = req.getSession();

		String heading;
		Integer accessCount =
				(Integer) session.getAttribute("accessCount");
		if (accessCount == null) {
			accessCount = 0;
		} else {
			accessCount++;
		}

		session.setAttribute("accessCount", accessCount);

		String id = session.getId();
		Date creationTime = new Date(session.getCreationTime());
		Date lastAccessedTime = new Date(session.getLastAccessedTime());
		Integer maxInactiveInternal = session.getMaxInactiveInterval();

		PrintWriter pw = resp.getWriter();

		pw.print("<html><body><table>");
		pw.print("<tr><td>Session ID</td>");
		pw.print("<td>" + id + "</td>");
		pw.print("<tr><td>Creation Time</td>");
		pw.print("<td>" + creationTime + "</td>");
		pw.print("<tr><td>Last Accessed Time</td>");
		pw.print("<td>" + lastAccessedTime + "</td>");
		pw.print("<tr><td>Max Intactive Interval</td>");
		pw.print("<td>" + maxInactiveInternal + "</td>");
		pw.print("<tr><td>Access Count</td>");
		pw.print("<td>" + accessCount + "</td>");
		pw.print("</table></body></html>");
	}
}

deployment descriptor(web.xml) dosyamiza servlet tanimimizi ekleyelim ;

	<servlet>
		<servlet-name>MoreSessionMethods</servlet-name>
		<servlet-class>_09_HttpSession.more.MoreSessionMethods</servlet-class>
	</servlet>

	<servlet-mapping>
		<servlet-name>MoreSessionMethods</servlet-name>
		<url-pattern>/moresessionmethods</url-pattern>
	</servlet-mapping>

Servlet sinifimizi calistiralim ;

more session methods

getId metodu bize session id bilgisini dondurecektir.
getCreationTime metodu session’in olusturuldugu zamanin long cinsinden degerini dondurur.
getLastAccessedTime metodu istemcinin en son istek gonderdigi zamani long cinsinden dondurur.

HTTP protokolunde aktif olmayan client/istemcinin session bilgisini sonlandirmak icin bir yontem yoktur. Varsayilan session timeout suresi Servlet Container’lar tarafindan tanimlanir.
getMaxInactiveInterval , session timeout suresini dondurur. Tomcat icin 30 dakika yani 1800 saniyedir.

setMaxInactiveInterval metodu ile timeout suresini degistirebiliriz. -1 ve 0
Sayfayi 15 kere refresh ettigim icin access count 15 oldu.

Ornek Uygulama 2

Yeni bir servlet olusturalim;

SessionTimeOut.java

package _09_HttpSession.timeout;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SessionTimeOut extends HttpServlet {

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		HttpSession session = req.getSession();

		Integer maxInactiveInternal = session.getMaxInactiveInterval();
		System.out.println("default timeout:" + maxInactiveInternal);

		session.setMaxInactiveInterval(10); // 10 saniye

		maxInactiveInternal = session.getMaxInactiveInterval();
		System.out.println("updated timeout:" + maxInactiveInternal);

		session.setAttribute("name", "levent");
		String name = (String) session.getAttribute("name");
		System.out.println(name);

		name = (String) session.getAttribute("name");
		System.out.println(name);

		PrintWriter pw = resp.getWriter();
	
		pw.print("<a href=sessiontimeoutcheck>check me </a>");

	}
}

Session attribute ekledik. Session timeout suresini 10 saniye olarak belirledik.
setMaxInactiveInterval metoduyla session timeout suresini saniye cinsinden verebiliriz. 0 veya negatif sayi sonsuz timeout suresi anlamina gelir.

Bu session i kontrol etmek icin yeni bir servlet olusturalim ;

package _09_HttpSession.timeout;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SessionTimeOutCheck extends HttpServlet {

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		HttpSession session = req.getSession();
		String name = (String) session.getAttribute("name");
		System.out.println("session timeout check :" + name);

		// bu sesssion attribute SessionTimeOut servlet'inde eklendi. 10 saniye
		// sonra session timeout olur ve bu attribute e ulasim saglanamaz.
	}
}

web.xml dosyamiza servlet tanimlarini ekleyelim;

 <servlet>
     <servlet-name>SessionTimeOut</servlet-name>
     <servlet-class>_09_HttpSession.timeout.SessionTimeOut</servlet-class>
 </servlet>

 <servlet-mapping>
     <servlet-name>SessionTimeOut</servlet-name>
     <url-pattern>/sessiontimeout</url-pattern>
 </servlet-mapping>

 <servlet>
     <servlet-name>SessionTimeOutCheck</servlet-name>
     <servlet-class>_09_HttpSession.timeout.SessionTimeOutCheck</servlet-class>
 </servlet>

 <servlet-mapping>
     <servlet-name>SessionTimeOutCheck</servlet-name>
     <url-pattern>/sessiontimeoutcheck</url-pattern>
 </servlet-mapping>

SessionTimeOut servletimizi calistiralim , linke tikladigimizda ServletTimeOutCheck servletine gideriz. 10 saniye icerisinde gittigimizde session sonlanmadigi icin session attribute’e ulasabiliriz. Eger 10 saniye sonra linke tiklarsak session timeout oldugu icin session attribute’e ulasamayiz.

invalidate metodu session’i yok eder/gecersiz kilar. invalidate metodundan sonra setAttribute ya da getAttribute metotlarini kullanmak runtime hataya neden olur ;

HTTP Status 500 : Session already invalidated

SessionInvalidate.java

package _09_HttpSession.timeout;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SessionInvalidate extends HttpServlet {

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

		HttpSession session = req.getSession();

		session.setAttribute("session attribute", "my attribute");

		session.invalidate();

		// java.lang.IllegalStateException a neden olur session invalidate
		// metodu session'i siler/ucurur/yok eder.
		
		session.setAttribute("new session attribute", "new my attribute");
		session.getAttribute("session attribute");
	}

}


 
 <servlet>
     <servlet-name>SessionInvalidate</servlet-name>
     <servlet-class>_09_HttpSession.timeout.SessionInvalidate</servlet-class>
 </servlet>

 <servlet-mapping>
     <servlet-name>SessionInvalidate</servlet-name>
     <url-pattern>/sessioninvalidate</url-pattern>
 </servlet-mapping>

invalidate metodu sessioni gecersiz kilar/yok eder. invalidate metodu kullanildiktan sonra getAttribute metodunu kullanirsak su hatayi aliriz ;

HTTP Status 500 – getAttribute: Session already invalidated

Session timeout suresi varsayilan olarak tomcat icin 1800 saniye yani 30dakikadir. Dilersek bunu web.xml dosyasindan degistirebiliriz. session-timeout etiketinde kullandigimiz sayi dakika cinsindendir.

	<session-config>
		<session-timeout>5</session-timeout>
	</session-config>

Ornek Uygulama 3

Cookiler , session yapisini desteklemek icin olusturulan kucuk veri/datalardir. Cookienin yapisi name/value cifti seklindedir. Server , cookie’yi istemciye/client a gonderir ve client/istemci de daha sonra geldiginde artik bu cookie bilgisine sahip olur.

Cookie sinifinda maxAge degiskeni vardir ve varsayilan olarak degeri -1 dir.  Cookiler auto-expire olacaktir. Farkli browserlar farkli sekilde davranis sergileyebilir. Ornegin bir browser icin tarayici kapandiginda cookie ler de silinirken digerinde silinmeyebilir.

private int maxAge = -1; // ;Max-Age=VALUE ... cookies auto-expire

Tarayici kapandiktan sonra da Cookilerin korunmasi icin setMaxAge metodunu kullanabiliriz. Buradaki expiry suresi saniye cinsindendir.

    public void setMaxAge(int expiry) {
        maxAge = expiry;
    }


CookieTimeOut.java

package _11_MoreSessionAndCookie;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class CookieTimeOut extends HttpServlet{

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

		Cookie cookie = new Cookie("username","levent");
		//cookie.setMaxAge(10); // 10 saniye sonra cookie silinsin
		resp.addCookie(cookie);

		String contextPath = req.getContextPath();

		String url= contextPath+"/cookietimeoutcheck";

		PrintWriter pw = resp.getWriter();

		pw.println("<html><body>");
		pw.println(" <a href=\"" + url
				+ "\"> Click Here</a>.");

	}

}

setMaxAge metodununa 5 degerini verdik. Cookie 5 saniye sonra silinecektir.

CookieTimeOutCheck.java

package _11_MoreSessionAndCookie;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class CookieTimeOutCheck extends HttpServlet {

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

		PrintWriter pw = resp.getWriter();

		Cookie [] cookies = req.getCookies();

		if(cookies!=null){
			for(Cookie c: cookies){
				pw.println(c.getValue() + " "+c.getName());
			}
		}else {
			pw.println("no cookie");
		}

	}

}

deployment descriptor(web.xml) dosyamiza , servlet siniflarimizin tanimlarini ekleyelim ;

 <servlet>
     <servlet-name>CookieTimeOut</servlet-name>
     <servlet-class>_09_HttpSession.cookie.CookieTimeOut</servlet-class>
 </servlet>
 
 <servlet-mapping>
     <servlet-name>CookieTimeOut</servlet-name>
     <url-pattern>/cookietimeout</url-pattern>
 </servlet-mapping>
 
 <servlet>
     <servlet-name>CookieTimeOutCheck</servlet-name>
     <servlet-class>_09_HttpSession.cookie.CookieTimeOutCheck</servlet-class>
 </servlet>
 
 <servlet-mapping>
     <servlet-name>CookieTimeOutCheck</servlet-name>
     <url-pattern>/cookietimeoutcheck</url-pattern>
 </servlet-mapping>

Ornek senaryolar;

  • setMaxAge metodu yorum satiri halinde olsun. Bu durumda maxAge -1 degerine sahip olacaktir. Eklenen cookie browser kapatilmadigi surece silinmeyecektir. CookieTimeOut servleti calistirilip linke tiklanir ve CookieTimeOutCheck servletine gidildiginde bu cooki’ye ulasilabilir.
  • Browser kapatilip CookieTimeOutCheck ( /cookietimeoutcheck )calistirilirsa cookiye ulasim saglanamaz !
  • setMaxAge metoduna arguman olarak 10 degeri verilir. setMaxAge e verilen degerler saniye cinsindendir. CookieTimeOut servleti calistirilip linke tiklanir ve CookieTimeOutCheck servletine gidildiginde bu cooki’ye ulasilabilir. 10 saniye beklenir linke tiklanirsa bu durumda cookiye ulasim saglanamaz!
  • Browser kapatilip CookieTimeOutCheck ( /cookietimeoutcheck )calistirilirsa cookiye ulasim 10 saniye icerisinde saglanabilir !

Yazimi burada sonlandiriyorum.
Herkese Bol Javali Gunler dilerim.
Be an oracle man , import java.*;
Levent Erguder
OCP, Java SE 6 Programmer
OCE, Java EE 6, Web Component Developer

Print Friendly, PDF & Email

Leave a Reply

Your email address will not be published. Required fields are marked *