-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Arnab,
On 1/8/2010 5:34 AM, Arnab Ghosh wrote: > Can I disable the session creation in context A and C? Sure: make sure all your JSPs have session="false" in their headers, and make sure that you call request.getSession(false) and check for NULL every time. If you want to enforce a no-session policy, you could write a filter/valve that wraps the request and throws an exception instead of creating a session (i.e. when request.getSession(true) is called, or if getSession() is called and no session already exists). > Because in context B > , a request forwarded from context A should not share with a session with a > request forwarded from context C in any condition. This is my requirement. > How can I achieve that?? So, you forward like this: A -> B, session id from A can be used to create a session in B C -> B, session id from C cannot be used to create a session in B If that's the case, and B needs a session, then what? > Or I can have a unique session Id generator. Id will be unique in all > context. Is it possible? If the sessions are not being shared, who cares if they have the same id? Are you overlapping URI spaces? Don't do that. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAktHrDwACgkQ9CaO5/Lv0PD6mgCdHprBh+dhH/3jSRmd84BzGeBc hRIAmwZ77zharfv2+VySOc/g166Bfnmo =7sLr -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org