I understand the difference between request.getSession(true) and request.getSession(false). But request.getSession() & request.getSession(true) look very similar!
Both "return the current session associated with this request", but differ in:
request.getSession():
"or if the request does not have a session, creates one"
request.getSession(true):
"if there is no current session, returns a new session"
I don't understand the difference between them, is it that (if none exists) they create a new session but the first one doesn't return it but the second one does?
Source: http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html
Edit:
Someone tagged/marked my question as duplicate even though it isn't. I will explain why.
I have explicitly asked for the difference between request.getSession() & request.getSession(true) and NOT between request.getSession(true) & request.getSession(false)! I have stated , again explicitly, that I already understand the difference b/w ..(true) & ..(false).
The question linked as a possible duplicated of of asks about the difference b/w ..(true) & ..(false) and not ..(true) & ..()
request.getSession() is just a convenience method. It does exactly the same as request.getSession(true).
request.getSession() will return a current session. if current session does not exist, then it will create a new one.
request.getSession(true) will return current session. If current session does not exist, then it will create a new session.
So basically there is not difference between both method.
request.getSession(false) will return current session if current session exists, then it will not create a new session.
Method with boolean argument :
request.getSession(true);
returns new session, if the session is not associated with the request
request.getSession(false);
returns null, if the session is not associated with the request.
Method without boolean argument :
request.getSession();
returns new session, if the session is not associated with the request and returns the existing session, if the session is associated with the request.It won't return null.
They both return the same thing, as noted in the documentation you linked; an
HttpSession object.
You can also look at a concrete implementation (e.g. Tomcat) and see what it's actually doing: Request.java class. In this case, basically they both call:
Session session = doGetSession(true);
A major practical difference is its use:
in security scenario where we always needed a new session, we should use request.getSession(true).
request.getSession(false): will return null if no session found.
request.getSession() or request.getSession(true) both will return a current session only . if current session will not exist then it will create a new session.
They both return the same thing, but if we use
false its return null if session object not created yet.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 女痞 的文章《Difference between request.getSession() and reques》','https://www.manongdao.com/article-542170.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}