Discussions

Web tier: servlets, JSP, Web frameworks: session.removeValue(USER ).....wht is this?

  1. session.removeValue(USER ).....wht is this? (2 messages)

    Hi,

      can u update me y this is used..

    public static final String USER = ".user";

    HttpSession session = req.getSession(true);
    session.removeValue(USER);

    Because i want to track the complete application with session using userid.... i written like above in my code.
    it is creating the session for the first time wht ever the string we entered in the userid text field... But here also i want to check the correct userid and password.. if correct means then i have to allow the user to enter into the secured page.. there i want to print the userid .. but there i am getting the first uncorrect entered userid string which is entered in the text field.
    pls any one can help me in this regard..
    thanks.!!!!

    guda.
  2. First of all, the removeValue method has been deprecated. This has been replaced by the removeAttribute method (similarly, the getValue method has been deprecated in favor of getAttribute).

    Also, I assume English is not your primary language and it's hard for people to understand what you're asking exactly. Anyway, here's the programming logic I would recommend for your application.

    1. A user attempts to log in with a user login and password:
      a. if successful, store user id into a session object with the key "userID".
      b. if fails, no session is created and user is redirected to login screen

    2. In your secure page, check the session with a key called "userID".
      a. if succeeds, then get the userID and print it
      b. if fails, redirect to login screen.

    Here's some more pseduocode:

    // Login part

      // look up login/password, return null if not good
      String userID = getUserID(login, password);
      
      if(userID == null) {
        HttpSession session = request.getSession(true);
        session.setAttribute("userID", userID);
      } else {
        redirect("/loginURL");
      }


    // Secure page
      HttpSession session = request.getSession(true);
      String userID = session.getAttribute("userID");
      
      // redirect if null
      if(userID == null)
        response.sendRedirect("/loginURL");

    Hope this made sense...
  3. Hi joseph,

      Thank you for ur help. I will correct myself in this regard.

    thanks

    guda.