On Tue, 13 Nov 2001, Bongiorno, Christian wrote:
> Date: Tue, 13 Nov 2001 18:06:53 -0500
> From: "Bongiorno, Christian" <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: 'Tomcat Users List' <[EMAIL PROTECTED]>
> Subject: RE: Principal caching with authentication
>
> How would I know if I was or wasn't using sessions? Maybe I don't understand
> the use of the term correctly. What is the default? I can check the config
>
I am speaking of sessions as defined by the javax.servlet.http.HttpSession
interface. See the servlet spec for more details:
http://java.sun.com/products/servlet/download.html
Tomcat never creates a session for you (unless you're using FORM
authentication.) Therefore, your application needs to call:
HttpSession session = request.getSession(;
If you are using JSP pages, you get sessions automatically unless you tell
the page *not* to do so.
Craig
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
