Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Session Creation?

 
Jignesh Gohel
Ranch Hand
Posts: 276
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

In my application after i am authenticating the user ,I am creating a new session for the user using teh code below:



That is first i am checking using the signature of getSession(boolean value)..And as per my knowledge calling this method with a false argument will give me an existing session on the current request or if no session exists it will give null.

But in my case it is not giving null instead,correct me if i am wrong , it should give null when my application starts right??

So what might be the problem??

Thanks,
Jignesh
[ April 18, 2006: Message edited by: Bear Bibeault ]
 
Krithika Srinath
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Jignesh,

You are right..!
session = request.getSession(false);
retrieves a session if already a session exists otherwise which it should return "null".
However, in your case where are you invalidating the session? The servlet container creates a session for you by default. Hence, if you want to make sure that you always want to use a new session, then your code should look like:
// Try retrieving any existing session
HttpSession session = request.getSession(false);

// If session already exists, clear by invalidating the same.
if (session != null)
{
session.invalidate();
}

// Create new session now.
session = request.getSession(true);

We need to follow the above steps since
HttpSession session = request.getSession(true);
does not always ensures the creation of new session.

Hope this helps.

Thanks and Regards,
~Krithika
 
Vishnu Prakash
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The type of browsers also plays a major role in session management. With every new IE, a new session is created. With Firefox(every new tab) you continue with the same session.
 
Satish Chilukuri
Ranch Hand
Posts: 266
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For JSPs, by default a session is created. So if your starting page is a JSP, a session would have already been created when you get the first request.

So if you are using a JSP as the starting point try adding this decaration to your page:

<%@ page session="false" %>

This will prevent a session from being created when a JSP is served.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic