Tomcat creating Httpsessions automatically

Greenhorn

Posts: 7

posted 11 years ago

In one of my servlets i have written the following code

HttpSession session = request.getSession(false);

(i.e if already session is there then only give me back the session otherwise return null)

The above statement is always returning a session even though i have not created a session explicitly.It is never returning a null.

I assume Tomcat by default is creating session. Can we prevent TOmcat from creating the session automatically?

thanks
rama

Ben Souther

Sheriff

Posts: 13411

I like...

posted 11 years ago

Do you have any JSPs in your application?
JSPs, by default create sessions automatically.

Out of curiosity, why do you want to suppress the creation of sessions?
If you're not doing anything with them, their creation

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf

ramaa Vadakattuu

Greenhorn

Posts: 7

posted 11 years ago

no JSPs are there
1) it is an intial request to the servlet.
>>Out of curiosity, why do you want to suppress the creation of sessions?
>>If you're not doing anything with them, their creation

2) Some where in the Java code iam basing my decision on this
for example
for a request
If already session is there (he is logged in user)
{
//loggedin user
//do some stuff
}
else if no session is there
{
//new user
// do some other stuff
}

the above statements in Java look like this
if(request.getSession(false) is not null)
{
//logged in User
}
else
{
//New user who has not logged in
}

As the apache is creating session automatically never i am going to else loop.

I hope your understand the above scenario.

The only this i really need to undestand is why it is creating the session automatically ? Can we prevent such automatic creation?

Ben Souther

Sheriff

Posts: 13411

I like...

posted 11 years ago

I'm not sure when exactly they're being created but I've found it more reliable to bind an object (could be something as simple as a string) to session when a user logs in. Then check for the existence of that object in session instead of the session object itself. Then, it doesn't matter when or how the session gets created.

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf

ramaa Vadakattuu

Greenhorn

Posts: 7

posted 11 years ago

Do you have any JSPs in your application?
JSPs, by default create sessions automatically.

Sorry actually Iam moving to the servlet via index.jsp.
This index.jsp is creating the sessions automatically.
THanks for your reply.

Amateurs built google. Professionals built the titanic. We can't find the guy that built this tiny ad:

how do I do my own kindle-like thing - without amazon

https://coderanch.com/t/711421/engineering/kindle-amazon

Tomcat creating Httpsessions automatically

Similar Threads