> By default: > 1. getSession(true)!=null > 2. getSession(false)!=null > > But if a JSP page contains the tag <%@ page session="false" %>, then: > 1. getSession(true)!=null > 2. getSession(false)==null
In the last of these 4 cases, do you mean that the implicit JSP session object returns null, or that request.getSession(false) returns null? I could understand the first behaviour but would be surprised by the second. The problem is that it implies that JSPs execute the code in a way that is different than if it were included in a servlet, and given that JSPs are servlets, this seems puzzling. Again, perhaps I'm not fully understanding either your case, or the details of how sessions work. > For my case, sessions will only be created for logged-in > users what is it about your case that makes this happen? I would have thought that session creation is independent of whether you are authenticating or not. Or is there a way to config TC to not create sessions by default, and only create them when the user successfully authenticates? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
