Preventing tomcat to create sessions

Y

youssef.mohammed

Hi;
I am writing set of REST services for some Flash clients, flash
doesn't send cookies and we don't want to user URL rewriting for most
of the services (they are just stateless).
The issue is when the client calls http://localhost/services/resource
say n times ... the application server/servlet container creates n
sessions !
How do i prevent that from happening ?
 
D

Dave Miller

Hi;
I am writing set of REST services for some Flash clients, flash
doesn't send cookies and we don't want to user URL rewriting for most
of the services (they are just stateless).
The issue is when the client calls http://localhost/services/resource
say n times ... the application server/servlet container creates n
sessions !
How do i prevent that from happening ?
Click to expand...
HttpSession getSession(false);
 
A

Arne Vajhøj

I am writing set of REST services for some Flash clients, flash
doesn't send cookies and we don't want to user URL rewriting for most
of the services (they are just stateless).
The issue is when the client calls http://localhost/services/resource
say n times ... the application server/servlet container creates n
sessions !
How do i prevent that from happening ?
Click to expand...

Servlets does not create sessions by default. JSP Pages
does, but I doubt that your REST service is a JSP page.

What REST framework are you using to create the service ?

(it should not create a session, because session is against
the core idea in REST)

Arne
 
Y

youssef.mohammed

Servlets does not create sessions by default. JSP Pages
does, but I doubt that your REST service is a JSP page.

What REST framework are you using to create the service ?
Click to expand...

I I have built few simple classes based on pure servlet. but i am
using spring framework as IoC container.
(it should not create a session, because session is against
the core idea in REST)
Click to expand...

What if these services need to be authenticated. then we have do a
service to authenticate keep the user in the session, and get that
user everytime other authenticated service is invoked, right ?
 
A

Arne Vajhøj

I I have built few simple classes based on pure servlet. but i am
using spring framework as IoC container.
Click to expand...

There are dedicated frameworks available like:
http://www.restlet.org/
What if these services need to be authenticated. then we have do a
service to authenticate keep the user in the session, and get that
user everytime other authenticated service is invoked, right ?
Click to expand...

REST is intended to be stateless. A session means state.

The REST ways to do it are:
- BASIC or DIGEST authentication
- SSL client certificate
- custom HTTP header

Arne
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Can't find html page on tomcat server 4
Cannot create PoolableConnectionFactory to mysql by JSP on tomcat 0
Problem with Log4J and TomCat 0
Tomcat: Strange error 2
Newbie Question: Problem with Tomcat and MySql 4
Weird Behavior with Rays in C and OpenGL 4
Configuring a Realm in Tomcat 2
Tomcat 4.0, MySQL and connection pools... 0

Members online

Total: 53 (members: 3, guests: 50)
Robots: 503

Forum statistics

Threads
473,769
Messages
2,569,579
Members
45,053
Latest member
BrodieSola

Latest Threads

Top