httpsession

Why some times tutorials make beans implement Serializable object and others do not? I know that object should be serialized when I want to send it through a network, so does that prove that each bean used in sessions should implements Serializable objects and beans defined in JSP pages should not since they are not transferred using HTTP requeset I know that object should be serialized when I want to send it through a network, so does that prove that each bean used in sessions should implements Serializable You seem to believe that objects in a session are sent to the client in the http

I want to get session from a common class. Using @Autowired didn't work. public class TMessageHandlerFactory implements MessageHandlerFactory { @Autowired private HttpSession session; @Override public void data(InputStream data) { int userId = (int)session.getAtrribute("key"); //session null .... //do sth } } The constructor also didn't work @Component public class SMTPRunner implements ApplicationRunner { @Autowired private UserService userService; // userService can access @Autowired private HttpSession session; // session can't access @Override public void run(ApplicationArguments

anybody knows how to track httpsession destroy with GAE? I've found that HttpSessionListener doesn't work properly in GAE and sessionDestroyed method never calls. To be more specific I have an information that I store in database when user logins to the application, but if some user is inactive for some time I need to remove this info from db, that will be easy if sessionDestroyed method will be invoked when such event happens, as for now I did cron job which runs each minute, the job queries all data of this kind handles in memory which data is inactive and removes it. But this is very

I'm trying to test a method with this signature: @Autowired HttpSession http_Session; @RequestMapping(method=RequestMethod.GET, value="/search/findByName") public @ResponseBody List<Map> search(@RequestParam(value="name", required=true) String name){ Integer user_id = http_Session.getAttribute("userinfo"); } userinfo is a class which contains informations about the user and set in session scope when the user logged in.but when I try the test : @RunWith(SpringJUnit4ClassRunner.class) @WebAppConfiguration @ContextConfiguration(locations = { "classpath:/META-INF/applicationContext.xml"}) public

Are there any differences between getting session through HttpServletRequest.getSession() and HttpSession injected in controller's method? Basically there is no diffrerence between the session object injected into a Spring MVC controller: @RequestMapping(value = "/somepath", method = RequestMethod.POST) @ResponseBody public JsonResponse someMethod (HttpSession session) { // play with session attributes } And the session object retrieved from the HttpServletRequest : @RequestMapping(value = "/somepath", method = RequestMethod.POST) @ResponseBody public JsonResponse someMethod

I want to invalidate sessions of users based on some Event. I store their sessionID, how to get their HttpSession from this ID? The HttpSessionContext class is deprecated with no replacement. Servlet 2.2 specifically deprecated this for security reasons so there shouldn't be any official way to do this. Not recommended but you can can try to use Manager.findSession() if you use Tomcat. I just removed HttpSession from my application. It's really hard to keep sessions in sync when many servers are running. We tried to tweak it by writing our own manager but can never get it work right. Finally,

Ive some questions about Spring Security 3.0.5 and the SecurityContext. First of all, Ill try to conclude what I know: SecurityContextHolder stores SecurityContext Between Request, SecurityContext is stored in HttpSession Begin of Request: SecurityContextHolder gets SecurityContext from HttpSession End of Request: SecurityContextHolder puts SecurityContext in HttpSession During the Request, on the server, SecurityContextHolder uses a ThreadLocal. Everywhere in the application (same request), the SecurityContext can be accessed Now my question.... --> Two Requests: the SecurityContext-instance

Since I don't have in depth knowledge of spring session scope implementation. Can anyone please tell me if it is wise to use Spring Session scoped beans, where HttpSession object is very crucial. Like a web application where thousands of users access the site simultaneously. Is spring session scoped bean saved in HttpSession object? Or even if HttpSession object only refers to the spring session scoped bean, are we not making session object heavy? How is it different form storing any bean directly in HttpSession object (making HttpSession object heavy point of view)? The object is not really