I understand how to access Session attributes using EL in my JSP/Servlet application:
<p> Hello <c:out value="${sessionScope.userName}"/> </p>
However, I was wondering if there was a way to hide a Session variable from JSP page EL access? If I set a session variable in my servlet, such as:
UserDAO user = new UserDAO();
user.setUserName("XYZ");
request.getSession().setAttribute("user", user);
Is there a way to prevent that UserDAO Java Object’s fields from being accessed on the JSP with some code such as:
<p> Hello <c:out value="${user.userName}"/> </p>
Thank you.
There isn’t. At least, not without writing a custom EL resolver which isn’t exactly trivial.
Your best bet is to wrap it in an object which does not expose the value by a Javabean getter method. E.g.
Store it in the session as follows instead.
Get it from the session as follows instead.
This method is inaccessible in EL. At least, in EL versions prior to 2.2 where you could otherwise just do #{user.get()}.
Alternatives are to make the getter method of the wrapper class package-protected so that it’s only accessible by classes in the same package and/or subclasses (EL namely requires it to be public).
Or even make the whole wrapper class a private or package-protected inner class.
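The wrapper approach described in the answer above, as an added example that is not the answerer's own code. The names `ElHidingDemo`, `Hidden` and `readableProperties` are hypothetical, `UserDAO` is a stand-in for the class in the question, and the session calls appear only as comments so the program runs with the JDK alone. It uses JavaBeans introspection, which property-style EL lookups rely on, to show which readable properties each class exposes.

```java
import java.beans.IntrospectionException;
import java.beans.Introspector;
import java.beans.PropertyDescriptor;
import java.util.ArrayList;
import java.util.List;

public class ElHidingDemo {

    // Stand-in for the question's UserDAO (constructed for this example).
    public static class UserDAO {
        private String userName;
        public String getUserName() { return userName; }
        public void setUserName(String userName) { this.userName = userName; }
    }

    // Hypothetical wrapper. get() is not a JavaBean getter because no property
    // name follows the "get" prefix, so ${user.userName} or ${user.value}
    // finds no property to read.
    public static final class Hidden<T> {
        private final T value;
        public Hidden(T value) { this.value = value; }
        public T get() { return value; }
    }

    // Names of the readable bean properties that introspection reports for a type.
    static List<String> readableProperties(Class<?> type) throws IntrospectionException {
        List<String> names = new ArrayList<>();
        for (PropertyDescriptor pd
                : Introspector.getBeanInfo(type, Object.class).getPropertyDescriptors()) {
            if (pd.getReadMethod() != null) names.add(pd.getName());
        }
        return names;
    }

    public static void main(String[] args) throws IntrospectionException {
        UserDAO user = new UserDAO();
        user.setUserName("XYZ");
        Hidden<UserDAO> wrapped = new Hidden<>(user);
        // Servlet side (not run here): request.getSession().setAttribute("user", wrapped);
        // and later: ((Hidden<UserDAO>) request.getSession().getAttribute("user")).get()
        System.out.println("UserDAO properties: " + readableProperties(UserDAO.class));
        System.out.println("Hidden properties:  " + readableProperties(Hidden.class));
        System.out.println("Servlet-side read:  " + wrapped.get().getUserName());
    }
}
```

On a container with EL 2.2 or later, a page can still call `#{user.get()}` directly, so the wrapper only closes property-style access unless the method or class visibility is also reduced as the answer suggests.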