Same sessionid after invalidating session

Rated 4.93/5 based on 639 customer reviews

Primitive data types cannot be bound to the session.An important note to you, session is not a bullock cart.It should be used sparingly for light weight objects. Http Session should be used for session management and not as a database.If you are in a situation where you have to store heavy weight objects in session, then you are in for a toss. Follow a proper naming convention to store data in session.

Be careful while using this, most programmers fell into a deeply dug pit Null Pointer Exception. Because it returns null if no object is bound under the name. Then, remove Attribute(String name) removes the object bound with the specified name from the session. Note a point; be cautious not to expose the session id to the user explicitly. It can be used to transport data between requests for the same user and session.set Attribute(String name, Object value) adds an object to the session, using the name specified.

Leave a Reply