Report Session and Application Session

When the report is integrated into the project, there may be a question that the system application and report application are under the same Web server. Are the system session and report session the same session? If not, will there be a conflict?

The answer is: It’s not the same Session, and there will be no conflict, because the application session stores some shared information such as requests, while the report session stores the information related to accessing the report, such as whether the access to the same template, etc. They are completely independent, so there will be no conflicts.

Under normal circumstances, when the client browser accesses a report on the designer, a session will be generated. When the user closes the browser, the designer will be notified to close the session, but the session saved on the server side will not be used. The disappearance of the object also does not make the persistent cookies that have been saved on the hard disk disappear.

Note: If the life cycle is reached, the related session will be closed automatically.

Note: This refers to the browser Session.

The Session mechanism is not complicated, but the flexibility of its implementation and configuration makes the specific situation complex and changeable. This also requires us not to treat only a certain experience or the experience of a certain browser or server as a universally applicable experience, but always requires specific analysis of specific situations.

In summary: The client browser visits a certain address and sends a request to generate a session. Nowadays the browser can open multiple Tab windows, all of which belong to a session. When the browser is closed, then the session is closed. If you do not close the browser and open a browser again, a session will be recreated.

1. When was the session created?

A common misunderstanding is that the session is created when it is accessed by the client. However, the fact is that it is not created until a server-side program calls a statement such as HttpServletRequest.getSession(true). Note that if the JSP is not displayed, use <%@ page session="false"%>to close the session, the JSP file will automatically add such a statement HttpSession session = HttpServletRequest.getSession(true) when the JSP file is compiled into a Servlet, which is also the origin of the session object implicit in JSP.

Due to the session consumes memory resources, if you do not plan to use the session, you should close it in all JSP.

2. When was the session deleted?

Based on the previous description, session is deleted in the following situations:

• The program calls HttpSession.invalidate()

• The time interval since the last session ID sent by the client has exceeded the maximum valid time of the session

• Server process is stopped

3. How to delete the session when the browser is closed?

Strictly speaking, this cannot be done. One way is to use the JavaScript code window.oncolose in all client pages to monitor the browser's closing action, and then send a request to the server to delete the session. But these unconventional methods of browser crashes or forcibly killing processes are still powerless.