The HttpSession session = request.getSession(true); and HttpSession session = request.getSession(); both creates a new session if there is none present.
My problem is that i want to invalidate() the session if its allready present and then create a new one.
I that possible ..i mean is there any way out to achieve this..??
first kill your old session
session.invalidate();
and after that reopen it with
HttpSession session = request.getSession(true);
dont work?
First do a session.invalidate(); and if necessary then do a response.sendRedirect("url"); to an url where in you can just do request.getSession(); to get a new session.
Note that this approach is not guaranteed to work in a JSP file, simply because the response is in most cases already committed (so that the container cannot set the new value of the jsessionid cookie in the response header). You really need to do this in a Servlet or Filter.
That said, why exactly do you want to invalidate the session and then immediately get a new session all in the same request? This sounds like a workaround for a certain problem for which there may be better solutions.
How about this?
HttpSession session = request.getSession(false); // Will not create a new session.
if(session!=null)
{
session.invalidate();
}
session = request.getSession(true);