If your using a container managed security realm, a session would be created. Also, the Struts framework would use a session without your explicit call in a JSP.
Mark Aufdencamp [EMAIL PROTECTED] > -------- Original Message -------- > Subject: Sessions where no sessions are needed > From: "Johannes Weberhofer, Weberhofer GmbH" <[EMAIL PROTECTED]> > Date: Fri, January 12, 2007 8:43 am > To: [email protected] > > Dear Geronimo users and developers! > > After we have ported our application from JBoss to Geronimo we have noticed > that geronimo/tomcat/struts/velocity started to opens session all the time! > We have double checked our source code. To check if sessions exist we always > use request.getSession(false), and we do not set session parameters. > > Because of the session id's which are always included in the URLs, too, > Google crawls our Applications very often. > > We have noticed, that also simple applications, like the > http://cwiki.apache.org/GMOxDOC11/very-simple-session-ejb-example.html, are > sending cookies to the requesting browser, even though it seem no to be > necessary. > > Is there any way to turn this behavior off, is this a bug or a feature? > > Thank you for your support, > > Andreas Bohnert > Johannes Weberhofer > -- > > > |--------------------------------- > | weberhofer GmbH > | information technologies, Austria > | > | phone : +43 (0)1 5454421 0 | email: [EMAIL PROTECTED] > | fax : +43 (0)1 5454421 19 | web : http://weberhofer.at > | mobile: +43 (0)699 11998315 > |----------------------------------------------------------->>
