difference between session expired or session new

[Hans Wichman <ha...@trimm.nl>]

Hi,
I have an app in which users do not have to login, but each user does have 
its own session.

I tried to come with a way to detect whether the users current session has 
expired, but I can't seem to find a way to differentiate between 'no' 
session and an 'expired' session.

What I had was:
       if (request.getRequestedSessionId() != null && 
!request.isRequestedSessionIdValid()) {
          response.sendRedirect(this.getInitParameter("session_timeout_url"));
          return;
       }

this works, as long as the servlet is not called from a different context 
in which another session is already active.

If I use a sessionlistener to flag somewhere that the session for a certain 
session id is no longer valid, this 'flag'repository will keep on growing, 
it would probably take forever to cause problems, still is doesn't seem 
like a good solution.

Why isn't there something like session.isValid(); so that 
request.getSession(false) returns a session object which can be queried for 
validness? Now it returns null, which makes it a bit hard to determine 
session history.

Greetz
Hans