----- Original Message -----
> From: "Greg Wilkins" <gregw_at_intalio.com>
> To: "users" <users_at_servlet-spec.java.net>
> Sent: Thursday, 27 November, 2014 2:05:26 PM
> Subject: [servlet-spec users] Re: session(-less) applications
>
> On 27 November 2014 at 10:02, arjan tijms <arjan.tijms_at_gmail.com> wrote:
>
> > A central switch that switches off sessions would also be really
> > convenient for various others specs
> >
>
> But sessions are off by default.
>
> You only get a session if you ask for one or use an authentication
> mechanism that asks for one on your behalf.
>
> If we add a mechanism to turn off sessions and then all the apps/frameworks
> that are currently doing getSession(true) on behalf of the user (and thus
> making the user try a hack to get rid of the session), will just throw a
> NPE or ISE instead.
Well one of the proposed options was for it to just return a session that
lasts for a single request.
I'm still not sure what the actual use case for this is, I assume it is an
app with some 3rd party code calls getSession(true)? If this is the case I
don't really like the idea of adding session less applications to the spec
just to work around it.
Stuart
>
> cheers
>
>
>
> --
> Greg Wilkins <gregw_at_intalio.com> @ Webtide - *an Intalio subsidiary*
> http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
> http://www.webtide.com advice and support for jetty and cometd.
>