Hi, I am trying to make a servlet that doesn't extend the session when accessed and it looked like the system property "org.apache.catalina.core. StandardHostValve.ACCESS_SESSION" could do job.
To test it out I created a simple project in Netbeans 8.1 with Tomcat 8.5.20 on Windows 10. In the project I have 2 servlets: servletA creates a session and outputs some HTML, servletB only outputs HTML and doesn't call request.getSession(). When I request servletA a session is created and each time I request it again, the last accessed time is updated. When I request servletB which doesn't call getSession(), the last accessed time is updated as well. Note: I'm using the out-of-the box server.xml and other configuration files and there are no filters that call getSession(). If I'm reading the documentation correctly, when set to true is will always update the last accessed time even if getSession() wasn't called. By default ACCESS_SESSION is false because STRICT_SERVLET_COMPLIANCE is not set/false. My question is what is the expected behaviour when it's set to false? I was expecting servletB to not update the last accessed time. Thanks, Kwan
