Filip Hanik - Dev Lists wrote:
what would seem appropriate would be to do this:
1. Prevent multiple cookies, ie, swap out the old cookie. Only one
session id should be sent down
There doesn't seem to be an easy way to get hold of the response object
from inside of session.expire().
2. throw an illegal state exception if a session.create is called after
the response headers are committed.
i think the code in doGetSession() already does this.
Arvind
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
