Always happens...as soon as I ask the question, I figure out the answer. The problem is I am running <c:import> tags to import some JSPs, and those imported JSPs do not have the <%@ page session="false" %> directive. If I add the directive to those JSPs, I'm golden.
-- Brett Birschbach HS2 Solutions, Inc brett.birschb...@hs2solutions.com (773) 296-2600 x501 -----Original Message----- From: Brett Birschbach [mailto:brett.birschb...@hs2solutions.com] Sent: Wednesday, May 19, 2010 8:16 AM To: users@tomcat.apache.org Subject: Prevent JSP Session I am currently running Tomcat 6.0.24 on a Windows Vista machine. The web app I am developing will be deployed to a cloud, where server affinity will be thrown to the wind. Thus, instead of relying on tomcat to manage my session, I am instead managing the session via manual cookies and a database. Being that I cannot leverage the tomcat session, I don't want to create a session at all. This has a two-fold benefit: 1) Slight performance increase due to avoiding session creation overhead 2) I can put a session listener in place to log an error if ever a session is created, to ensure that we are not using the tomcat session in the development environment where everything would appear to be fine until we deploy to the cloud. According to JSP spec, I believe I should be able to use the following directive to prevent a session from being created by my JSPs: <%@ page session="false" %>. However, even when doing so, I am still getting a session created by the internals of the JSP container. Is there something I am doing wrong? Is it possibly a bug in Tomcat 6.0.24 (couldn't find it on Bugzilla)? Or is it simply a "necessary evil"? The generated JSP code that is triggering the session is: pageContext = _jspxFactory.getPageContext(this, request, response, null, true, 8192, true); Below is the relevant portion of an exact stack trace: at org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:854) at org.apache.catalina.session.StandardManager.createSession(StandardManager.java:291) at org.apache.catalina.connector.Request.doGetSession(Request.java:2392) at org.apache.catalina.connector.Request.getSession(Request.java:2098) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:833) at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:216) at org.apache.catalina.core.ApplicationHttpRequest.getSession(ApplicationHttpRequest.java:544) at org.apache.catalina.core.ApplicationHttpRequest.getSession(ApplicationHttpRequest.java:493) at org.apache.jasper.runtime.PageContextImpl._initialize(PageContextImpl.java:146) at org.apache.jasper.runtime.PageContextImpl.initialize(PageContextImpl.java:124) at org.apache.jasper.runtime.JspFactoryImpl.internalGetPageContext(JspFactoryImpl.java:107) at org.apache.jasper.runtime.JspFactoryImpl.getPageContext(JspFactoryImpl.java:63) at org.apache.jsp.layouts.nav.layout_005fnav_002dadmin_jsp._jspService(layout_005fnav_002dadmin_jsp.java:44) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) Thanks! -- Brett Birschbach HS2 Solutions, Inc brett.birschb...@hs2solutions.com --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
