Always create session.

[gigi.git] / src / org / cacert / gigi / Gigi.java

diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java
index 8fbdbc22b71e06ded2748347f76331b685e0ac22..1464a8b3942275c6c7a9c37e754c30c1fcaaa80b 100644 (file)
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -59,14 +59,14 @@ public class Gigi extends HttpServlet {
                        throws ServletException, IOException {
                X509Certificate[] cert = (X509Certificate[]) req
                                .getAttribute("javax.servlet.request.X509Certificate");
-               HttpSession hs = req.getSession(false);
-               if (hs == null || hs.getAttribute(LOGGEDIN) == null) {
+               HttpSession hs = req.getSession();
+               if (hs.getAttribute(LOGGEDIN) == null) {
                        if (cert != null) {
                                tryAuthWithCertificate(req, cert[0]);
-                               hs = req.getSession(false);
+                               hs = req.getSession();
                        }
                }
-               if (hs != null && ((Boolean) hs.getAttribute("loggedin"))
+               if (((Boolean) hs.getAttribute("loggedin"))
                                && req.getPathInfo().equals("/login")) {
                        resp.sendRedirect("/");
                        return;