5

I don't too much about gwt session on java. I've some doubts about it. Anyone can check if the implementation below is the way it needs to be done.

public class ServiceImpl extends RemoteServiceServlet implements Service  
{
   void CreateSession(String Username)
   {
      HttpServletRequest request = this.getThreadLocalRequest();
      HttpSession session = request.getSession();
      session.setAttribute("Username", Username);
   }

   boolean ValidateSession(String Username)
   {
       HttpServletRequest request = this.getThreadLocalRequest();
       HttpSession session = request.getSession();
       if (session.getAttribute("Username"))
       {
          return true;
       }
       return false;
   }
}

Is this the correct way to implement these two function???

kiedysktos
  • 3,910
  • 7
  • 31
  • 40
Noor
  • 19,638
  • 38
  • 136
  • 254
  • 3
    ` if (session.getAttribute("Username"))` will this compile ? – jmj Dec 15 '10 at 18:43
  • [Here](http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/cprs_best_practice.html) are some best practices on session management hope this will help you – jmj Dec 15 '10 at 18:49

2 Answers2

6

a few correction 

    void createSession(String Username) {
        getThreadLocalRequest().getSession().setAttribute("Username", Username);
    }

    boolean validateSession(String Username) {
        if (getThreadLocalRequest().getSession().getAttribute("Username") != null) {
            return true;
        } else {
            return false;
        }
    }
  • Is there anyway, I can identify a valid session with the use of any username and only the thread?? – Noor Dec 15 '10 at 19:17
  • traditional java/jsp/servlet programming. write any servlet or jsp and take the session from the request –  Dec 15 '10 at 19:22
  • I'm new to java, Can u show me a simple example to perform this – Noor Dec 15 '10 at 20:10
  • @Noor here is the simple java session tutorial. http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/Servlet-Tutorial-Session-Tracking.html –  Dec 16 '10 at 05:05
  • Can I annotate this as @Stateless, so I can scale horizontally? – iuiz Feb 08 '12 at 18:34
5

This LoginSecurityFAQ is a good place to start.

Isaac Truett
  • 8,734
  • 1
  • 29
  • 48