session indicates that the page requires participation in an (http) session.
If "true" then the implicit script language variable named "session" of type javax.servlet.http.HttpSession reference the current/new session for the page.
If "false" then the page does not participate in a session; the "session" implicit variable is unavailable, and any reference to it within the body of the JSP page is illegal and shall result in a fatal translation error.
Default is "true".
So... even if some random page has session="true" that should not cause other pages whose session is defined to "false" to have a "session" variable.
Two possible causes:
1- the app server you're using does not meet spec
2- you're defining the session attribute incorrectly. Can you post a sample JSP page where you're seeing this behavior?
[ March 29, 2003: Message edited by: Jessica Sant ]