I want to use session attributes to save info on a user who wants to
navigate my site. When the user logs in I use:
HttpSession sess = request.getSess ion(true);
sess.setAttribu te("customer", customer);
where customer is an object I have instantiated earlier. This works
fine and I can view values from this object using the following code
in index.jsp:
CustomerBOImpl cust = null;
if(session.getA ttribute("custo mer") != null){
cust = (CustomerBOImpl )session.getAtt ribute("custome r");}
out.println(cus t.getFname());% > <%out.println(c ust.getLname()) ;
This prints out the first name and last name just fine. The problem
comes when someone else tries to access the same index.jsp. It opens
up the page, gives them a separate session ID, but this different
session contains the same customer object of the last person who
logged in.
My question is: What is the proper manner to set session attributes
and then retrieve them in a JSP servlet?
navigate my site. When the user logs in I use:
HttpSession sess = request.getSess ion(true);
sess.setAttribu te("customer", customer);
where customer is an object I have instantiated earlier. This works
fine and I can view values from this object using the following code
in index.jsp:
CustomerBOImpl cust = null;
if(session.getA ttribute("custo mer") != null){
cust = (CustomerBOImpl )session.getAtt ribute("custome r");}
out.println(cus t.getFname());% > <%out.println(c ust.getLname()) ;
This prints out the first name and last name just fine. The problem
comes when someone else tries to access the same index.jsp. It opens
up the page, gives them a separate session ID, but this different
session contains the same customer object of the last person who
logged in.
My question is: What is the proper manner to set session attributes
and then retrieve them in a JSP servlet?