tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <>
Subject RE: Principal caching with authentication
Date Tue, 13 Nov 2001 23:04:44 GMT

On Tue, 13 Nov 2001, Bongiorno, Christian wrote:

> Date: Tue, 13 Nov 2001 18:06:53 -0500
> From: "Bongiorno, Christian" <>
> Reply-To: Tomcat Users List <>
> To: 'Tomcat Users List' <>
> Subject: RE: Principal caching with authentication
> How would I know if I was or wasn't using sessions? Maybe I don't understand
> the use of the term correctly. What is the default? I can check the config

I am speaking of sessions as defined by the javax.servlet.http.HttpSession
interface.  See the servlet spec for more details:

Tomcat never creates a session for you (unless you're using FORM
authentication.)  Therefore, your application needs to call:

  HttpSession session = request.getSession(;

If you are using JSP pages, you get sessions automatically unless you tell
the page *not* to do so.


To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message