geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m...@aufdencamp.com
Subject RE: Sessions where no sessions are needed
Date Fri, 12 Jan 2007 15:57:07 GMT
If your using a container managed security realm, a session would be
created.  Also, the Struts framework would use a session without your
explicit call in a JSP.

Mark Aufdencamp
Mark@Aufdencamp.com

> -------- Original Message --------
> Subject: Sessions where no sessions are needed
> From: "Johannes Weberhofer, Weberhofer GmbH" <office@weberhofer.at>
> Date: Fri, January 12, 2007 8:43 am
> To: user@geronimo.apache.org
> 
> Dear Geronimo users and developers!
> 
> After we have ported our application from JBoss to Geronimo we have noticed that geronimo/tomcat/struts/velocity
started to opens session all the time! We have double checked our source code. To check if
sessions exist we always use request.getSession(false), and we do not set session parameters.
> 
> Because of the session id's which are always included in the URLs, too, Google crawls
our Applications very often.
> 
> We have noticed, that also simple applications, like the http://cwiki.apache.org/GMOxDOC11/very-simple-session-ejb-example.html,
are sending cookies to the requesting browser, even though it seem no to be necessary.
> 
> Is there any way to turn this behavior off, is this a bug or a feature?
> 
> Thank you for your support,
> 
> Andreas Bohnert
> Johannes Weberhofer
> -- 
> 
> 
> |---------------------------------
> |  weberhofer GmbH
> |  information technologies, Austria
> |
> |  phone : +43 (0)1 5454421 0    | email: office@weberhofer.at
> |  fax   : +43 (0)1 5454421 19   | web  : http://weberhofer.at
> |  mobile: +43 (0)699 11998315
> |----------------------------------------------------------->>


Mime
View raw message