I would like to eliminate the HttpSession completely You can’t entirely disable it. All you need to do is to just not to get a handle of it by either request.getSession() or request.getSession(true) anywhere in your webapplication’s code and making sure that your JSPs don’t implicitly do that by setting <%@page session=”false”%>. If your main … Read more
To set a session-timeout that never expires is not desirable because you would be reliable on the user to push the logout-button every time he’s finished to prevent your server of too much load (depending on the amount of users and the hardware). Additionaly there are some security issues you might run into you would … Read more
From the spring docs Spring can be easily integrated into any Java-based web framework. All you need to do is to declare the ContextLoaderListener in your web.xml and use a contextConfigLocation to set which context files to load. The <context-param>: <context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/applicationContext*.xml</param-value> </context-param> <listener> <listener-class> org.springframework.web.context.ContextLoaderListener </listener-class> </listener> You can then use the WebApplicationContext … Read more
Generally speaking, this is the configuration file of web applications in java. It instructs the servlet container (tomcat for ex.) which classes to load, what parameters to set in the context, and how to intercept requests coming from browsers. There you specify: what servlets (and filters) you want to use and what URLs you want … Read more
What is web.xml file and what all things can I do with it ? The /WEB-INF/web.xml file is the Web Application Deployment Descriptor of your application. This file is an XML document that defines everything about your application that a server needs to know (except the context path, which is assigned by the Application Deployer … Read more
You can always refer to resources in your application directly by their JNDI name as configured in the container, but if you do so, essentially you are wiring the container-specific name into your code. This has some disadvantages, for example, if you’ll ever want to change the name later for some reason, you’ll need to … Read more
On Servlet 3.0 or newer you could just specify <web-app …> <error-page> <location>/general-error.html</location> </error-page> </web-app> But as you’re still on Servlet 2.5, there’s no other way than specifying every common HTTP error individually. You need to figure which HTTP errors the enduser could possibly face. On a barebones webapp with for example the usage of … Read more
Resin 3.0 documents this behavior: load-on-startup can specify an (optional) integer value. If the value is 0 or greater, it indicates an order for servlets to be loaded, servlets with higher numbers get loaded after servlets with lower numbers. The JSP 3.1 spec (JSR 340) says this on page 14-160: The element load-on-startup indicates that … Read more
You can indeed not define the filter execution order using @WebFilter annotation. However, to minimize the web.xml usage, it’s sufficient to annotate all filters with just a filterName so that you don’t need the <filter> definition, but just a <filter-mapping> definition in the desired order. For example, @WebFilter(filterName=”filter1″) public class Filter1 implements Filter {} @WebFilter(filterName=”filter2″) … Read more
<url-pattern>/*</url-pattern> The /* on a servlet overrides all other servlets, including all servlets provided by the servletcontainer such as the default servlet and the JSP servlet. Whatever request you fire, it will end up in that servlet. This is thus a bad URL pattern for servlets. Usually, you’d like to use /* on a Filter … Read more