我们使用以下代码解决了该问题.

We solved the issue with the following code.

<%@page session="false"%>

<%
   HttpSession session = request.getSession();
   if (session!=null) {
      session.invalidate();
   }
%>

我们在主登录jsp和供应商登录jsp中都添加了此代码.因此，每次加载jsp时，都会消除HTTP会话的自动创建(

We added this code in both the main login jsp and vendor login jsp. So each time the jsp is loaded the automatic creation of HTTP session is eliminated (http://docs.oracle.com/cd/A97688_16/generic.903/bp/j2ee.htm#1008677). Then we create a session explicitly. This code now works perfectly in Websphere Application Server.