tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Phillip Qin <Phillip....@shareowner.com>
Subject RE: How to detect expired session vs. no session? (Solved)
Date Fri, 10 Dec 2004 15:21:56 GMT
Yeah, that's my point.

-----Original Message-----
From: Ben Souther [mailto:bsouther@fwdco.com] 
Sent: December 10, 2004 10:19 AM
To: Tomcat Users List
Subject: RE: How to detect expired session vs. no session? (Solved)


I believe it's because they were trying to figure out whether they had a new
session because the old one expired or because they just hit the site for
the first time.  In either case the session would be new.



On Fri, 2004-12-10 at 10:11, Phillip Qin wrote:
> I am curious why people spent so much time trying to figure out 
> whether
> request.getSession(...) returns null or not but didn't bother using
> request.getSession().isNew()?
> 
> 
> 
> -----Original Message-----
> From: Steve Kirk [mailto:tomcat-user@web-startup.co.uk]
> Sent: December 9, 2004 4:36 PM
> To: 'Tomcat Users List'
> Subject: RE: How to detect expired session vs. no session? (Solved)
> 
> 
> > By default:
> > 1. getSession(true)!=null
> > 2. getSession(false)!=null
> > 
> > But if a JSP page contains the tag <%@ page session="false" %>, 
> > then:
> > 1. getSession(true)!=null 2. getSession(false)==null
> 
> In the last of these 4 cases, do you mean that the implicit JSP 
> session object returns null, or that request.getSession(false) returns 
> null?  I could understand the first behaviour but would be surprised 
> by the second. The problem is that it implies that JSPs execute the 
> code in a way that is different than if it were included in a servlet, 
> and given that JSPs are servlets, this seems puzzling.  Again, perhaps 
> I'm not fully understanding either your case, or the details of how 
> sessions work.
> 
> > For my case, sessions will only be created for logged-in users
> 
> what is it about your case that makes this happen?  I would have 
> thought that session creation is independent of whether you are 
> authenticating or not.  Or is there a way to config TC to not create 
> sessions by default, and only create them when the user successfully 
> authenticates?
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


!DSPAM:41b9bea273806963321052!

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message