• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

Session Creation?

 
Ranch Hand
Posts: 276
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

In my application after i am authenticating the user ,I am creating a new session for the user using teh code below:



That is first i am checking using the signature of getSession(boolean value)..And as per my knowledge calling this method with a false argument will give me an existing session on the current request or if no session exists it will give null.

But in my case it is not giving null instead,correct me if i am wrong , it should give null when my application starts right??

So what might be the problem??

Thanks,
Jignesh
[ April 18, 2006: Message edited by: Bear Bibeault ]
 
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Jignesh,

You are right..!
session = request.getSession(false);
retrieves a session if already a session exists otherwise which it should return "null".
However, in your case where are you invalidating the session? The servlet container creates a session for you by default. Hence, if you want to make sure that you always want to use a new session, then your code should look like:
// Try retrieving any existing session
HttpSession session = request.getSession(false);

// If session already exists, clear by invalidating the same.
if (session != null)
{
session.invalidate();
}

// Create new session now.
session = request.getSession(true);

We need to follow the above steps since
HttpSession session = request.getSession(true);
does not always ensures the creation of new session.

Hope this helps.

Thanks and Regards,
~Krithika
 
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The type of browsers also plays a major role in session management. With every new IE, a new session is created. With Firefox(every new tab) you continue with the same session.
 
Ranch Hand
Posts: 266
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For JSPs, by default a session is created. So if your starting page is a JSP, a session would have already been created when you get the first request.

So if you are using a JSP as the starting point try adding this decaration to your page:

<%@ page session="false" %>

This will prevent a session from being created when a JSP is served.
 
Think of how dumb the average person is. Mathematically, half of them are EVEN DUMBER. Smart tiny ad:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic