Enterprise Java

Spring MVC: Session advanced

Not so long time ago I wrote a post about HTTP sessions in a Spring MVC application. That was the simple article with an emphasis on practical aspect of usage. In the end of the post I promised to write more advanced topic dedicated to the sessions in Spring MVC applications. So I’m going to publish this stuff.

Before I start discussion about sessions and the most frequent situations which occur in a process of development I want to underline some things. What is the HTTP session? What for it exist? I hope you know that HTTP is a stateless protocol, that’s mean that there is no permanent connection between a browser and server. And as the result server doesn’t know who is an initiator of a request, even if an application has just one user. The session is a tool for identifying of requests author. The previous sentence is rough enough, but it explains the main purpose of the sessions. Every user gets it own session with unique identifier when he visits site first time.

Get a session ID

You can access the session id in Spring MVC application in a same way as in Java EE application. You just need to pass HttpSession object in arguments of a RequestHandler method and then invoke appropriate method for the session object:

	@RequestMapping(value="/", method=RequestMethod.GET)
	public ModelAndView mainPage(HttpSession session) {
		ModelAndView mav = new ModelAndView("home");
		String sid = session.getId();
		mav.addObject("sid", sid);
		return mav; 

Get a session attribute

When you want to access some session attribute in a controller you can use the same construction like in the previous code snippet, but with a little changes:

Object someObject =  session.getAttribute("nameOfAttribute");

If you definitely know what type of object will be returned you can specify an explicit cast.

Session attribute in JSP using JSTL

How to access session values in a JSP using JSTL after you put some value into the session in a controller?

public class NavController {
	@RequestMapping(value="/", method=RequestMethod.GET)
	public ModelAndView mainPage() {
		ModelAndView mav = new ModelAndView("home");
		String sValue = "Some value";
		mav.addObject("sValue", sValue);
		return mav; 

The access to the sValue session attribute will look like:


Delete session

Deletion of a session is pretty simple, you just need to call an invalidate() method for a session object. After this action the session will be entirely removed for a particular user.

Session timeout

A session timeout defines a period of session’s life, during this time session is valid. The most simple way to define the session timeout in Java EE applications is to specify it in a web.xml file. Add the following code snippet in your application’s web.xml file to set the session timeout:


In the example above I have set a session timeout value equals to 10 minutes.

Reference: Spring MVC: Session advanced from our JCG partner Alexey Zvolinskiy at the Fruzenshtein’s notes blog.

Alexey Zvolinskiy

Alexey is a test developer with solid experience in automation of web-applications using Java, TestNG and Selenium. He is so much into QA that even after work he provides training courses for junior QA engineers.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Newest Most Voted
Inline Feedbacks
View all comments
9 years ago

thx, ur article really help me :D

Back to top button