File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes Session Creation? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Session Creation?" Watch "Session Creation?" New topic

Session Creation?

Jignesh Gohel
Ranch Hand

Joined: Dec 28, 2004
Posts: 276

In my application after i am authenticating the user ,I am creating a new session for the user using teh code below:

That is first i am checking using the signature of getSession(boolean value)..And as per my knowledge calling this method with a false argument will give me an existing session on the current request or if no session exists it will give null.

But in my case it is not giving null instead,correct me if i am wrong , it should give null when my application starts right??

So what might be the problem??

[ April 18, 2006: Message edited by: Bear Bibeault ]


The Art Of Life Is To Know When To Be Useless And When To Be Useful - CHUANG TZU
Krithika Srinath
Ranch Hand

Joined: Apr 11, 2006
Posts: 52
Hi Jignesh,

You are right..!
session = request.getSession(false);
retrieves a session if already a session exists otherwise which it should return "null".
However, in your case where are you invalidating the session? The servlet container creates a session for you by default. Hence, if you want to make sure that you always want to use a new session, then your code should look like:
// Try retrieving any existing session
HttpSession session = request.getSession(false);

// If session already exists, clear by invalidating the same.
if (session != null)

// Create new session now.
session = request.getSession(true);

We need to follow the above steps since
HttpSession session = request.getSession(true);
does not always ensures the creation of new session.

Hope this helps.

Thanks and Regards,
Vishnu Prakash
Ranch Hand

Joined: Nov 15, 2004
Posts: 1026
The type of browsers also plays a major role in session management. With every new IE, a new session is created. With Firefox(every new tab) you continue with the same session.

Servlet Spec 2.4/ Jsp Spec 2.0/ JSTL Spec 1.1 - JSTL Tag Documentation
Satish Chilukuri
Ranch Hand

Joined: Jun 23, 2005
Posts: 266
For JSPs, by default a session is created. So if your starting page is a JSP, a session would have already been created when you get the first request.

So if you are using a JSP as the starting point try adding this decaration to your page:

<%@ page session="false" %>

This will prevent a session from being created when a JSP is served.
I agree. Here's the link:
subject: Session Creation?
It's not a secret anymore!