Matt RaibleMatt Raible is a Web Developer and Java Champion. Connect with him on LinkedIn.

The Angular Mini-Book The Angular Mini-Book is a guide to getting started with Angular. You'll learn how to develop a bare-bones application, test it, and deploy it. Then you'll move on to adding Bootstrap, Angular Material, continuous integration, and authentication.

Spring Boot is a popular framework for building REST APIs. You'll learn how to integrate Angular with Spring Boot and use security best practices like HTTPS and a content security policy.

For book updates, follow @angular_book on Twitter.

The JHipster Mini-Book The JHipster Mini-Book is a guide to getting started with hip technologies today: Angular, Bootstrap, and Spring Boot. All of these frameworks are wrapped up in an easy-to-use project called JHipster.

This book shows you how to build an app with JHipster, and guides you through the plethora of tools, techniques and options you can use. Furthermore, it explains the UI and API building blocks so you understand the underpinnings of your great application.

For book updates, follow @jhipster-book on Twitter.

10+ YEARS


Over 10 years ago, I wrote my first blog post. Since then, I've authored books, had kids, traveled the world, found Trish and blogged about it all.

RECENT ENTRIES


Tag Cloud


abbie appfuse birthday denver family grails gwt jack java javascript jhipster jsf linkedin maven roller skiing softwaresummit spring springmvc struts2 travel trish vacation webframeworks wicket
« Can your laptop do... | Main | Tomcat 5.0.18 Releas... »
Thursday January 22, 2004

Turn off sessions in your JSPs

One of the tips I picked up in J2EE Design and Development was to turn off automatic session-creation in your JSPs. So I tried this today on my project, and it doesn't seem to work. Basically this involved putting the following at the top of your JSPs: 

<%@ page session="false"%>

I did this by adding this to my taglibs.jsp, which is included in every other JSP - so it should affect all my JSPs and prevent a session from being created on my welcome-file - right? Not according to Tomcat's Manager application - it still increments the number of sessions as I hit the welcome page with different browsers. Am I doing something wrong?

I'd love to get this working - so sessions are only created when a user logs in. Those JSPs that need a session, I'll override the default with session="true". I often see a whole bunch of sessions on the wiki and roller apps on this site - and in reality - a session should never be created, unless I login. At least I think that's how this is designed to work...

Posted in Java at Jan 22 2004, 11:23:18 AM MST 4 Comments
Comments:

I used this once in iPlanet and it worked - I included the line directly in each page. During load testing, the maximum number of allowable sessions would be reached quickly and subsequent client connections would be refused. Most of the pages did not need sessions, so turning them off where not needed allowed a larger number of client requests to be handled. I believe I also tested this successfully in Tomcat but I'm not positive.

Posted by Gary Blomquist on January 22, 2004 at 08:13 PM MST #

This "feature" is definitely container specific. OrionServer just got around to fixing it recently - it used to have no effect on the compiled pages. And then when it finally did, it made the internal session object null, so it broke a bunch of pages that used it without initializing first (back when I was using a lot of scriptlets). If you're using Tomcat, I wonder if this is a general Jasper issue? -R

Posted by Russ on January 22, 2004 at 10:14 PM MST #

Just exactly what is this suppose to do? Presumably a jsp will simply include session = request.getSession(false) whenever this attribute is true. So why would this have any impact on the number of sessions in use at any given time? I thought it was just there to populate the session local of the generated servlet from the jsp. Sessions are only created via a getSession(true). Without specifying true or false the default in tomcat produces session = pageContext.getSession(); this returns the current value of the session.

Posted by Robert Nicholson on January 23, 2004 at 08:48 AM MST #

how do you include "taglibs.jsp"? if you use <jsp:include... the including page is handled seperately from the include, also regarding session handling. if you use the compile-time <%@ include... it might be too late for this instruction or even illegal depending on the server you use. or maybe it conflicts with some settings in your web.xml? here are some things to try out: http://www.caucho.com/resin-2.1/ref/caching.xtp

Posted by andi on January 23, 2004 at 02:41 PM MST #

Post a Comment:
  • HTML Syntax: Allowed