[Help] Sessions, images & beans, no cookies please...

[Russ Perry Jr]

We have some images that we want to output on a JSP, and the name of
the image corresponds with an ID that we've gotten from a database.
What we've been doing so far is this:

<img src="specialimages/<bean:write name="ImageBean"
property="fileName"/>"
alt="special image" />

But, now we've done two things: 1) we put a filter on to prevent
unauthorized access, and 2) disabled cookies. This combination means
that access to the above no longer works, even for authorized users.
Basically, the session info was in a cookie, but now with no cookies,
we need it in the URL, but it isn't there.

We can't just use <html:img> directly, as the <bean:write> is nested
within it and therefor it gives a NullPointerException at compilation
time. The solution? We did this:

<jsp:useBean id="ImageBean" scope="session"
class="monitoronline.ImageBean" />
<html:img page='<%= "/specialimages/" + ImageBean.getFileName() %>'
alt="special image" />

Now, this raises some questions...

1) Why is the <jsp:useBean> necessary here, when it wasn't before? We
assume the <bean:write> mechanism makes the <jsp:useBean> unnecessary,
but don't see a reason why.

2) I'd like to avoid embedded Java if at all possible, so is there
another way to do this with just tags? [Note: we're not using JSTL,
at least not at the moment]

3) Might the "nested" taglib help here? It didn't look like it to us,
but maybe we're just missing something...

It looks like we also have the same issue with an <a> tag elsewhere:

<a href="docs/<bean:write name="doc" property="docLocation"/>">

....so we'll be looking for a fix for that case too, I guess.

Anyone?

 

[Russ Perry Jr]

[sorry to follow up on my own post, but I wanted to add a little info]

We have some images that we want to output on a JSP, and the name of
the image corresponds with an ID that we've gotten from a database.
What we've been doing so far is this:

<img src="specialimages/<bean:write name="ImageBean"
property="fileName"/>"
alt="special image" />

But, now we've done two things: 1) we put a filter on to prevent
unauthorized access, and 2) disabled cookies. This combination means
that access to the above no longer works, even for authorized users.
Basically, the session info was in a cookie, but now with no cookies,
we need it in the URL, but it isn't there.

We can't just use <html:img> directly, as the <bean:write> is nested
within it and therefor it gives a NullPointerException at compilation
time. The solution? We did this:

<jsp:useBean id="ImageBean" scope="session"
class="monitoronline.ImageBean" />
<html:img page='<%= "/specialimages/" + ImageBean.getFileName() %>'
alt="special image" />

Now, this raises some questions...

1) Why is the <jsp:useBean> necessary here, when it wasn't before? We
assume the <bean:write> mechanism makes the <jsp:useBean> unnecessary,
but don't see a reason why.

2) I'd like to avoid embedded Java if at all possible, so is there
another way to do this with just tags? [Note: we're not using JSTL,
at least not at the moment]

3) Might the "nested" taglib help here? It didn't look like it to us,
but maybe we're just missing something...

It looks like we also have the same issue with an <a> tag elsewhere:

<a href="docs/<bean:write name="doc" property="docLocation"/>">

...so we'll be looking for a fix for that case too, I guess.

Anyone?

As to the latter example, we ended up with this:

<html:link target="_blank" page='<%= "/docs/" + ((DocBean)
doc).getDocLocation() %>'>

The <jsp:useBean> is apparently not necessary in this case because the
above is inside a <logic:iterate> section. The typecasting surprised
us a little -- if the JSP iterates our collection, and we use the
<bean:write> above, it doesn't need to know the type, but now we have
to? I guess the <bean:write> knows the type due to introspection, but
with embedded Java there's no such automated process, so we have to
do it? Makes sense, but didn't expect it...