tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <Yoav.Shap...@mpi.com>
Subject RE: Vexing session creation issue
Date Wed, 16 Jun 2004 14:47:07 GMT

Hi,
The behavior you're seeing is consistent with the servlet specification.
If a client chooses not to join a session (which the page
session="false" directive indicates), the container may still create
sessions for the client, just that it will be a new session each time,
with a new ID and empty attributes.  This is in the Servlet Spec but
summarized nicely in the 2nd to last paragraph of the HttpSession class
JavaDoc.

Yoav Shapira
Millennium Research Informatics


>-----Original Message-----
>From: Frank Zammetti [mailto:fzammett@hotmail.com]
>Sent: Wednesday, June 16, 2004 10:36 AM
>To: tomcat-user@jakarta.apache.org
>Subject: Vexing session creation issue
>
>I sent this to the Struts mailing list as well, but it seems like it
could
>be a Tomcat issue as well (probably just some config option I don't
know
>about)...
>
>Argh, this one is hurting my head...
>
>I have an application that starts out by returning index.jsp (it's the
>welcome file).  This JSP opens a new window via JavaScript and loads
into
>it
>index1.jsp.  index1.jsp populates five frames of a frameset.  At the
end of
>all this, my logon screen is seen.
>
>The important thing to note here is that no Actions are executed to
this
>point, it's just loading JSP's, and there is not really any JSP code in
any
>of these except for a bunch of request.getContextPath() calls.  No code
>accesses session or anything like that, and there are only two
references
>to
>getting anything out of request (because the logon page might be shown
>after
>a bad attempt, and I need to get the userID and password that was
>attempted).  In all of them, I have session="false" in the page tag.
>
>Now... I've created a SessionListener to tell me when a session is
created
>or destroyed.  Problem is, during all these JSP loads, the create event
>fires TWICE!  What's worse, session is NOT null (which I expected it to
>be),
>and worse still, I'm getting two DIFFERENT session ID's!  It looks like
two
>sessions are being created when it seems like absolutely NONE should
be.
>
>I'm banging my head against the wall with this one.  Anyone have any
ideas?
>Thanks folks!
>
>Frank
>
>_________________________________________________________________
>MSN 9 Dial-up Internet Access fights spam and pop-ups - now 3 months
FREE!
>http://join.msn.click-url.com/go/onm00200361ave/direct/01/
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message