the original question, which Jospeh indicated is now solved, threw up more questions. at least that's why I was replying !
> -----Original Message----- > From: Phillip Qin [mailto:[EMAIL PROTECTED] > Sent: Friday 10 December 2004 15:12 > To: 'Tomcat Users List' > Subject: RE: How to detect expired session vs. no session? (Solved) > > > I am curious why people spent so much time trying to figure > out whether > request.getSession(...) returns null or not but didn't bother using > request.getSession().isNew()? > > > > -----Original Message----- > From: Steve Kirk [mailto:[EMAIL PROTECTED] > Sent: December 9, 2004 4:36 PM > To: 'Tomcat Users List' > Subject: RE: How to detect expired session vs. no session? (Solved) > > > > By default: > > 1. getSession(true)!=null > > 2. getSession(false)!=null > > > > But if a JSP page contains the tag <%@ page session="false" > %>, then: > > 1. getSession(true)!=null 2. getSession(false)==null > > In the last of these 4 cases, do you mean that the implicit > JSP session > object returns null, or that request.getSession(false) > returns null? I > could understand the first behaviour but would be surprised > by the second. > The problem is that it implies that JSPs execute the code in > a way that is > different than if it were included in a servlet, and given > that JSPs are > servlets, this seems puzzling. Again, perhaps I'm not fully > understanding > either your case, or the details of how sessions work. > > > For my case, sessions will only be created for logged-in > > users > > what is it about your case that makes this happen? I would > have thought > that session creation is independent of whether you are > authenticating or > not. Or is there a way to config TC to not create sessions > by default, and > only create them when the user successfully authenticates? > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > !DSPAM:41b8c52d300391826077954! > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
