All geek questions in one place

New HttpSession for each request?

I always believed that a cookie JSESSIONIDwas created for each new request for this client when developing applications using the servlet specification. But with a little thought, is it more logical for the servlet container to create a cookie header only after the session has been requested and created in the code? For customers whose cookies are disabled, will it not create a new one HttpSessionfor each request made?

Please let me know if the question remains unclear, so I can edit it. TIA.

+3
source share
1 answer

A new session is not created by default by the Servlet container unless the servlet actually creates it explicitly. Just because the header is filled with JSEESIONID does not mean that the server must have a vision. An exception is JSPs, which by default create a session if it does not exist, except for <% @page session = "false"%>

Regarding the fact that cookies are not included:

A web container can use several methods to combine a session with a user, all of which are associated with an identifier between the client and the server. The identifier may be supported by the client as a cookie, or the web component may include an identifier in each URL returned to the client.

, , , URL-, cookie. encodeURL (URL) URL- . URL- cookie ; URL- .

+1

Source: https://habr.com/ru/post/1755123/

More articles:


All Articles