tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Preventing tomcat from creating sessions
Date Thu, 15 May 2008 15:42:16 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Leon,

Leon Rosenberg wrote:
| On Wed, May 14, 2008 at 7:34 PM, Christopher Schultz
| <chris@christopherschultz.net> wrote:
|> -----BEGIN PGP SIGNED MESSAGE-----
|> Hash: SHA1
|>
|>
|> public class SessionKillingRequest
|> ~   extends HttpServletRequestWrapper
|> {
|> ~  public SessionKillingRequest(HttpServletRequest request)
|> ~  {
|> ~    super(request);
|> ~  }
|>
|> ~  public HttpSession getSession(boolean create)
|> ~  {
|> ~    if(create)
|> ~    {
|> ~      new Throwable("Attempted session creation").printStackTrace();
|> ~    }
|> ~    return null;
|> ~  }
|> }
|>
|
| the getSession() call without parameters also creates a new session.

I assumed that getSession() simply called getSession(true). Is that not
the case? Oh, well. It's easy to implement that, too:

public HttpSession getSession() { return getSession(true); }

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkgsWdgACgkQ9CaO5/Lv0PC81gCeLeHT5jMJb7UtqkkkKw5wF29u
XgUAniTukyTyJvsVewVbB5vJOWox0zJc
=YmSa
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message