Christopher Schultz wrote on Monday, July 31, 2006 10:08 PM: > Markus, > >>>>> If the session is mandatory, I recommend changing: >>>>> >>>>> request.getSession(false) >>>>> to >>>>> request.getSession(true) >>>> Thanks for your quick answer. The problem I want to solve is only to >>>> create a session if it is really needed, so #redirectToURLWithSID is >>>> a little bit more complicated that this. >>> What is your definition of "is really needed"? I would say that NOT >>> having a session is a good indication that you SHOULD create one. Am >>> I missing the point? >> >> Not having a session results in not sending cookies nor sids and thats >> what I want, at least for pages where it isn't needed. > > Some part of your logic is missing: you do not have a case where it is > known that you MUST create a session. Therefore, you never create a > session. Your code tries and tries again (redirecting continuously) but > never creates a session because you are not handling the case where you > want to create one. You must create a session at some point: you're just > not doing it.
Hm, I don't understand your point. Take a look: >From http://www.dlite.de/42/TestServlet.java if (redirectToURLWithSID(request)) { request.getSession(true); String url = request.getRequestURI(); url = response.encodeRedirectURL(url); response.sendRedirect(url); So I check in #redirectToURLWithSID if I need a session or not (which is shortened in the example). I only redirect after creating a session via request.getSession(true). There is no redirect without creating a session. -- Beste Grüße / best regards Markus Meissner --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
