tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Leon Rosenberg" <rosenberg.l...@googlemail.com>
Subject Re: Preventing tomcat from creating sessions
Date Thu, 15 May 2008 15:40:18 GMT
On Wed, May 14, 2008 at 7:34 PM, Christopher Schultz
<chris@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> public class SessionKillingRequest
> ~   extends HttpServletRequestWrapper
> {
> ~  public SessionKillingRequest(HttpServletRequest request)
> ~  {
> ~    super(request);
> ~  }
>
> ~  public HttpSession getSession(boolean create)
> ~  {
> ~    if(create)
> ~    {
> ~      new Throwable("Attempted session creation").printStackTrace();
> ~    }
> ~    return null;
> ~  }
> }
>

the getSession() call without parameters also creates a new session.

regards
Leon

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message