|
From servlets there is only one way of creating
HttpSession request.getSession(boolean create).
If you write JSP pages the session object will be
automatically created unless you specify session=false.
If you want to make sure that you create
HttpSession Object only after successful login write the session="false" on all
JSP pages before your login process.
<%@ page session="false"%>
Kesav Kumar
----- Original Message -----
From: Greg
Matthews
To: Orion-Interest
Sent: Wednesday, November 21, 2001 4:34 PM
Subject: HttpSession creation hi,
i'm trying to ensure that the only time a session
is created is after a successful user login.
is there any other way apart from
HttpServletRequest.getSession( ), or HttpServletRequest.getSession( boolean
create) that a HttpSession can be created?
i've trawled through the J2EE API but haven't seen
any other methods that might create a session -- was just wondering if there was
some sort of side-effect way, say, if you redirect a request or pass a request
through a filter chain or something???
thanks,
greg.
|
- HttpSession creation Greg Matthews
- Re: HttpSession creation Kesav Kumar
- Re: HttpSession creation Lachezar Dobrev
- Re: HttpSession creation Greg Matthews
