Introduction to Session Objects
In the previous tutorial understanding GET and POST, we have learned about the servlet class doGet and doPost methods and some common differences among them. In this tutorial we will learn about scopes, we look about different objects that we have used in our previous servlet examples, and we will try to understand the scopes of those objects. Our assumptions for this tutorial are that you know what OOP’s is and specifically the concept of objects and object scopes.
Common objects in servlets
Let us show you a very simple snippet of the servlet that we have written in our earlier tutorial “creating servlet” we have modified do get method here to explain further.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
package org.uzair.javaee; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Servlet implementation class MyFirstServlet */ @WebServlet(description = "no description", urlPatterns = { "/MyFirstServletURL" }) public class MyFirstServlet extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out= response.getWriter(); String userName= request.getParameter("userName"); out.println("Hello, "+userName); } } |
This source just has do get method with the request object and response object there is a code inside to read from the request object and print out to the response object.
Request and response objects
Now, what are the important objects that we see here? Request objects, response object, and the servlet object itself. Who creates them and when they are created? What is the Tomcat container?
To get the answer, we first look at “tomcat container”. Tomcat is the server and it has the container inside it, one of the responsibility of the container is to tack care of the initialization of these object (request , response and the servlet objects) another thing to notice is that every class that we have not written and used in the snippet above are provided by the Tomcat like HttpServletRequest (class of the request object) and HttpServletResponse (class of the response object). We have discussed in our earlier tutorial about the answer of when these objects are created? We know that request and the response objects are created when a browser makes a request to the server, the request object has the data about the request that browser has initiated, and response object will be blank. Now these objects are passed to the servlet inside the web application that we have written. After execution of the servlet, the response will be sent back to the browser.

Another thing to take point of is that, each time when the request for the servlet arrives in the server(tomcat) no matter from the same browser or another browser these request and the response objects are created each and every time and then handed to the doGet() or the doPost() method of that servlet. So request and response objects are created – Per access.
Understanding servlet objects
Now, what about the servlet object itself it is not created on Per access if five browsers are making a request to the same servlet, this does not mean that there are five servlet objects. Actually servlet objects are reused they are not created per access, each request coming from the browser have different servlet threads, not instances, so why response object is not reused, it’s because of the HTTP protocol, this protocol as we have mentioned earlier is a stateless protocol, every time we access a servlet Tomcat handles it as a new request and sends back a new response, this simply means that our server is not remembering the client(client: browser from where request is coming through HTTP protocol). There is a way from which we can tell our server to remember the client(). Just like the request object that tomcat has provided for us tomcat has also provided for us the session object of type HTTP Session, to access the session object, we have to use a function of request object “request.getSession(); “ and then save our required data in that session object.
Example Elaborating Session Object:
We could see a little example in the source below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
package org.uzair.javaee; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * Servlet implementation class MyFirstServlet */ @WebServlet(description = "no description", urlPatterns = { "/MyFirstServletURL" }) public class MyFirstServlet extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out= response.getWriter(); String userName= request.getParameter("userName"); HttpSession session = request.getSession(); if(userName!=""&&userName!=null){ session.setAttribute("savedUserName", userName); // if userName parameter is not null thet it will put the value in the session } out.println("Request parameter has username , "+userName); out.println("Session parameter has username , "+(String) session.getAttribute("savedUserName"));// here return type is object so we cast it to (String) } } |
In the above piece of code, the servlet doGet() method is first using the request object to get the userName and then storing it by using “setAttribute” function to use it later when required. The value once stored in session object will remain same for each URL access. To test the results try to run the above source in your web application by Right clicking on the servlet file à Run as à RunOnServer. The first time it will set both the userName as null as shown in Figure

Now you have to pass the URL query parameter as follows http://serverAddress/yourWebApplicatioPath/yourServletURL?userName=johnDoe
For Example – “http://localhost:8080/SimpleServletProject/MyFirstServletURL?userName=uzair” this will set both the userNames as uzair as shown in figure

Now again remove the “?userName=uzair” from the above URL and press enter to reload the URL, the new URL becomes “http://localhost:8080/SimpleServletProject/MyFirstServletURL”notice the changes in the results

Request object becomes null while the session object did not, this means that we have successfully saved the state of the client through session object. This means that scope of the session object does not limit the per access.
Download Complete Servlets Project Here
Summary:
In this tutorial, we have accomplished following things
- Get to know how to create request and request objects
- Get to know when the request and request objects are created.
- Learned to save the state of the user through session objects.
In the next tutorial, we will learn more about the session so stay tuned and stay blessed.