if (originalServletContext != this) {
//this is a cross context request
//we need to make sure there is a top level session
originalServletContext.getSession(originalServletContext, exchange, true);
} else if (existing != null) {
c.clearSession(exchange, existing);
}
final Session newSession = sessionManager.createSession(exchange, c);
httpSession = SecurityActions.forSession(newSession, this, true);
exchange.putAttachment(sessionAttachmentKey, httpSession);