Re: Disable the session in tomcat

Thu, 18 Jul 2013 06:59:20 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Niki,

On 7/18/13 1:32 AM, Niki Dokovski wrote:
> On Thu, Jul 18, 2013 at 12:22 AM, Christopher Schultz < 
> ch...@christopherschultz.net> wrote:
> 
> Daniel,
> 
> On 7/17/13 5:04 PM, Daniel NAZARKIEWICZ wrote:
>>>> Yes, i want to prevent session from being created because
>>>> the sessions are not needed in my specific case, so no
>>>> session at all in the cookie neither in the URL.
>>>> 
>>>> Is this possible ?
> 
> Yes. Write a HttpSessionListener and unconditionally throw an 
> exception from the sessionCreated() method and kill the session.
> Like this:
> 
> public class IronFistedHttpSessionListener implements
> HttpSessionListener { @Override public void
> sessionCreated(HttpSessionEvent se) { 
> se.getSession().invalidate(); throw new
> IllegalStateException("Session use is not permitted."); }
> 
> @Override public void sessionDestroyed(HttpSessionEvent se) { // Do
> nothing } }
> 
> 
>> If sessions are not needed most probably you dont have state as
>> well.IMHO is better to see what leads to session creation and
>> avoid it than having artificial session termination code.

What better way to find out where code is creating sessions than to
have a full stack trace to that location?

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJR5/QbAAoJEBzwKT+lPKRY3gkP/RxJ1WYKjxhiGpSvjznr4YK2
orCkGv2ewM2T71S+y7NzFnDyU70DJSbEy66ejuvYgVQnZnZ12nWRJoMs4bxUZjsq
grC43oKuHG5140sDWyem5A4udhjbaIRU8N0zeXdQVwBWrJnxY40IaotMiHcMWXLX
MctxfTMY122ABsxtWdbcL/jz08hPpSOek5XiZAj7FD8HcSzexWLibFWjk5SjFUt2
AnB3Ysv/pjHihoiWlYWJaBqK5+5j1f8xYK8hn8FNEXrCGLwbFT2MnIra1S8zuJtQ
LiEoq8y2UozOMkAxzHPtBMtUDpwgZ+9HSUBBhu0klmuJiYFTAqKZKtM/+EJ2nUzJ
lGg0lNtCOsnsi4Hp2esXssyLsU1BuyfCEHwh0nVRVuGY1MmDrpQKNiqHGHGxVSJM
YyhP7uuFEMIoEb5312qEg5bnpjGtdzM0RztC8V5GtKPEIb+JytkW+1/TZf4idUAV
cIl8GEQv+sImd0EM0U6TEEqp0xszlFypN2w9pFl/RwUh+Vc3+qWWYjqYLEMy9isi
k6WC+LPOZ/2tlYgtA3siPewLncwmvSCkJHcUIYgeUMMHLblygDxppB3Hrlz/eNTy
dIkRLa4p304IOzT38u0QIe9eFfY7H4FiwUQhPFhqGQrSG1DP6DmFtb0hRaf7jDZx
MkwOeANyUMnQ5ERUGBur
=o/AY
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to