When does session gets created

Hi Experts
 
i have a j2ee application deployed on websphere 6.0 cluster. My welcome page is my login page (login.jsp) and i have set the session = "false" in the page directive. But when i am monitoring the live sessions. It seems like app server is creating a session when the first login page is launched.
What do i need to do to avoid the session from being created.

thanks
S
sunilramuAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Gibu GeorgeChief Technology OfficerCommented:
If the value of session attribute is true then the session object refers to the current or a new session because the client must be in the HTTP session for running the JSP page on the server. If you set the value of session object false then you can not use the session object or <jsp:useBean> element with scope="session" in JSP page
0
Gibu GeorgeChief Technology OfficerCommented:
Session object is created by the container when you access the jsp.
0
sunilramuAuthor Commented:
gibu_george thanks. i am aware of that, but my question is that when i have session='false' in the jsp page directive, it should not create session and in my case it is creating one.
does anyone know how the webserver directs request to the app server through the deployment manager. does it directly go to app server or is any session management done at the deployment manager level.
0
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

Gibu GeorgeChief Technology OfficerCommented:
It will create a session, but you will not able to use the session object
0
Murali MurugesanFull stack Java developerCommented:
saying session=false is only restriction for the jsp and not for ur entire application.
as gibu_george pointed out your session is created as soon there is a first hit to the container to access your application.

When you set session="false" in jsp then it ,means existing session object is not available for that jsp page.

http://www.roseindia.net/jsp/SessionAttribute.shtml

-Murali*
0
Murali MurugesanFull stack Java developerCommented:
to avoid creating a session just invalidate in ur POST metod of servlet if u have one o JSP page and make sure u dont have request.getSession(true) anywhere.

request.getSession().invalidate();

I m feared without session u sould be handling only the request and response parameters.

-Murali*

0
Gibu GeorgeChief Technology OfficerCommented:
request.getSession().invalidate(); even if this is done, the session is created first then it is invalidated. It will not avoid the creation of session.
0
Murali MurugesanFull stack Java developerCommented:
you are right, since session creation is unavoidable he can just discard the one that is already created, makes no difference.

0
sunilramuAuthor Commented:
So there is no way that container would not create a session on a request.
0
Murali MurugesanFull stack Java developerCommented:
short answer is no.

I just  thought of an alternate way to explain it.

Use HttpSessionListener API and implement the methods onsessioncreation and destroyed.
You can have the session invalidate code in the onsessioncreated method.
This works irrespective of the server. You will also know when session gets created and destroyed usin this listener.

-Murali*
0
rrzCommented:
>
>But when i am monitoring the live sessions
How do you do that ?  
I think what you do at the top of here should work for you.
I don't use websphere. So, I can't test with that. But you could do some simple tests.
You use two simple test pages.  
first.jsp

<%@ page session="true" %>
Session id is ${pageContext.session.id}

and second.jsp  

<%@ page session="false" %>
Session id is ${pageContext.session.id}

Look at the translated pages of both.  
In Tomcat those files are its work folder and are called first_jsp.java  and  second_jsp.java  ( I can't tell you about websphere).   For second.jsp in Tomcat, the HttpSession variable is not even declared and the implicit object session is not created.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java App Servers

From novice to tech pro — start learning today.