Steve Kirk wrote:
By default:
1. getSession(true)!=null
2. getSession(false)!=null
But if a JSP page contains the tag <%@ page session="false" %>, then:
1. getSession(true)!=null
2. getSession(false)==null
In the last of these 4 cases, do you mean that the implicit JSP session
object returns null, or that request.getSession(false) returns null? I
could understand the first behaviour but would be surprised by the second.
The problem is that it implies that JSPs execute the code in a way that is
different than if it were included in a servlet, and given that JSPs are
servlets, this seems puzzling. Again, perhaps I'm not fully understanding
either your case, or the details of how sessions work.
I'll do some testing to confirm whether the implicit session object is
null (which I guess so). I'm sure request.getSession(false) can really
be null coz I'm relying on that in my pages, which all are forced not to
create session by default until I received the login params and
authenticate them, and then manually call HttpSession mySession =
request.getSession(true) to create one.
For my case, sessions will only be created for logged-in
users
what is it about your case that makes this happen? I would have thought
that session creation is independent of whether you are authenticating or
not. Or is there a way to config TC to not create sessions by default, and
only create them when the user successfully authenticates?
Add this and TC won't create session by default: <%@ page
session="false" %>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
