I am curious why people spent so much time trying to figure out whether request.getSession(...) returns null or not but didn't bother using request.getSession().isNew()?
-----Original Message----- From: Steve Kirk [mailto:[EMAIL PROTECTED] Sent: December 9, 2004 4:36 PM To: 'Tomcat Users List' Subject: RE: How to detect expired session vs. no session? (Solved) > By default: > 1. getSession(true)!=null > 2. getSession(false)!=null > > But if a JSP page contains the tag <%@ page session="false" %>, then: > 1. getSession(true)!=null 2. getSession(false)==null In the last of these 4 cases, do you mean that the implicit JSP session object returns null, or that request.getSession(false) returns null? I could understand the first behaviour but would be surprised by the second. The problem is that it implies that JSPs execute the code in a way that is different than if it were included in a servlet, and given that JSPs are servlets, this seems puzzling. Again, perhaps I'm not fully understanding either your case, or the details of how sessions work. > For my case, sessions will only be created for logged-in > users what is it about your case that makes this happen? I would have thought that session creation is independent of whether you are authenticating or not. Or is there a way to config TC to not create sessions by default, and only create them when the user successfully authenticates? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] !DSPAM:41b8c52d300391826077954!
