Practical Usage of HttpSessionBindingListener And HttpSessionAttributeListener

session servlets listener
benz picture benz · Jul 21, 2013 · Viewed 21k times · Source

I am reading through head first JSP and servlets. Going through different type of listeners, I came across HttpSessionBindingListener and HttpSessionAttributeListener.

I was thinking about the difference between the two - I want to see the practical usages in real world examples of those two listeners. I tested HttpSessionBindingListener by implementing valueBound() and valueUnBound() - why would an object need to know whether it has been added or not?

I am pretty confused about the practical usages. Please help in clarifying this.

Answer

BalusC picture BalusC · Jul 21, 2013

The HttpSessionBindingListener is to be implemented on the class whose instances may be stored in the session, such as the logged-in user.

E.g.

public class ActiveUser implements HttpSessionBindingListener {

    @Override
    public void valueBound(HttpSessionBindingEvent event) {
        logins.add(this);
    }

    @Override
    public void valueUnbound(HttpSessionBindingEvent event) {
        logins.remove(this);
    }

}

When an instance of this ActiveUser get set as a session attribute by HttpSession#setAttribute(), then the valueBound() will be invoked. When it get removed by either HttpSession#removeAttribute(), or an invalidate of the session, or get replaced by another HttpSession#setAttribute(), then the valueUnbound() will be invoked.

Here are some real world use cases:

The HttpSessionAttributeListener is to be implemented as an application wide @WebListener which get invoked when any attribute is added, removed or replaced in the HttpSession. Continuing with the above ActiveUser example, this is particularly useful if you can't modify the ActiveUser class to implement HttpSessionBindingListener (because it's 3rd party or so), or when you want to make use of a "marker interface" on an arbitrary amount of classes so that you can do the listening job in a single central place.

@WebListener
public class ActiveUserListener implements HttpSessionAttributeListener {

    @Override
    public void attributeAdded(HttpSessionBindingEvent event) {
        if (event.getValue() instanceof ActiveUser) {
            logins.add(event.getValue());
        }
    }

    @Override
    public void attributeRemoved(HttpSessionBindingEvent event) {
        if (event.getValue() instanceof ActiveUser) {
            logins.remove(event.getValue());
        }
    }

    @Override
    public void attributeReplaced(HttpSessionBindingEvent event) {
        if (event.getValue() instanceof ActiveUser) {
            logins.add(event.getValue());
        }
    }

}

Here's a real world use case:

Related questions

How to use Session attributes in Spring-mvc

Could you help me write spring mvc style analog of this code? session.setAttribute("name","value"); And how to add an element that is annotated by @ModelAttribute annotation to session and then get access to it?

Read More
Differences between cookies and sessions?

I am training in web developement and am learning about JSP & Servlets. I have some knowledge of HttpSession - I have used it in some of my sample projects. In browsers I have seen the option to "delete cookies". …

Read More
How to set session timeout dynamically in Java web applications?

I need to give my user a web interface to change the session timeout interval. So, different installations of the web application would be able to have different timeouts for their sessions, but their web.xml cannot be different. Is …

Read More