Adobe Experience Manager Sites & More

goyalkritika · 7/19/23

I need to create an HTTP session.

Issue -> If I'm hitting the servlet using two different query params, it is not creating two different sessions. For the first request, a new session is created, but for second request, session.isNew() is returning false with same session ID. What can be the issue?

HttpSession userSession = request.getSession();
LOGGER.info("User session is {}", userSession.getId());
LOGGER.info("User session is new {}", userSession.isNew());

Mahedi_Sabuj · 7/19/23

A session starts when the user requests for the first page. The session will be same for subsequent requests in the same browser. New session will be created only if the user hasn’t requested any pages for a given amount of time (timeout) or user logged out from the system or request from new browser.

HttpSession getSession() - This method always returns a HttpSession object. It returns the session object attached with the request, if the request has no session attached, then it creates a new session and return it.

If you want to invalidate current session, you can invalidate a session like this:

request.getSession(false).invalidate();

Reference: https://www.digitalocean.com/community/tutorials/java-session-management-servlet-httpsession-url-rew...

View solution in original post

Mahedi_Sabuj · 7/19/23

A session starts when the user requests for the first page. The session will be same for subsequent requests in the same browser. New session will be created only if the user hasn’t requested any pages for a given amount of time (timeout) or user logged out from the system or request from new browser.

HttpSession getSession() - This method always returns a HttpSession object. It returns the session object attached with the request, if the request has no session attached, then it creates a new session and return it.

If you want to invalidate current session, you can invalidate a session like this:

request.getSession(false).invalidate();

Reference: https://www.digitalocean.com/community/tutorials/java-session-management-servlet-httpsession-url-rew...

Sady_Rifat · 7/19/23

Hello @goyalkritika ,

It might be you are hitting the query params from the same browser. Please, try with a different browser window or from a different PC. This should not happen different requests get the same session.

Nishant-Singh · 7/19/23

@goyalkritika

By default, HTTP sessions in Java servlets are managed using cookies. When the server creates a new session for the first request, it sends a unique session ID to the client as a cookie. Subsequent requests from the same client should include this session ID in the request headers to maintain the same session. If your client is not sending the session ID cookie with the second request, the server will not recognize it as a new session and will associate it with the existing session.

Try using different browsers. it will work as expected.

Adobe Experience Manager Sites & More

Create a user specific HTTP session

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe