You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Paulo Alvim <al...@powerlogic.com.br> on 2007/06/19 13:42:33 UTC
too many sessions serving from another context
Hi again!
We're using TC 5.5.9 with two WARs and the following situation:
/app1/example.jsp
(renders HTML with references to images being served from a servlet in
another application (context):
/app2/myImgs?name=image1.gif
/app2/myImgs?name=image2.gif
/app2/myImgs?name=image3.gif
We're also using 'single singon' because we need it for another reason.
The problem is that TC is creating 1 session for app1 and 3 sessions for
app2 (one per image served)!
I tried TC 6 and it seems that it creates only one session (as we
expected...).
1. Does anyone know if there's bug related to that?
2. Is there a better way to declare specific URLs to not creating new
sessions (ie: filter the myImgs servlet)?
Thanks in advance!
Paulo Alvim
Brazil
( +55 (31) 3213-1019
* alvim@powerlogic.com.br
Powerlogic S.A.
RES: too many sessions serving from another context
Posted by Paulo Alvim <al...@powerlogic.com.br>.
Thanks Cris,
But in the first case I can reproduce the problem in my computer, running
with cookies...
-----Mensagem original-----
De: Christopher Schultz [mailto:chris@christopherschultz.net]
Enviada em: terça-feira, 19 de junho de 2007 13:45
Para: Tomcat Users List
Assunto: Re: too many sessions serving from another context
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Paulo,
Paulo Alvim wrote:
> /app1/example.jsp
> (renders HTML with references to images being served from a servlet in
> another application (context):
>
> /app2/myImgs?name=image1.gif
> /app2/myImgs?name=image2.gif
> /app2/myImgs?name=image3.gif
>
> We're also using 'single singon' because we need it for another reason.
>
> The problem is that TC is creating 1 session for app1 and 3 sessions for
> app2 (one per image served)!
Often this happens because your login page does not correctly pass URLs
through HttpServletResponse.encodeURL. Make sure that URLs (even to
static content) contain ";jsessionid" unless you are absolutely sure
that your users will always have cookies available. Otherwise, you might
get a new session for every single request.
> 2. Is there a better way to declare specific URLs to not creating new
> sessions (ie: filter the myImgs servlet)?
I don't believe there is any way /at all/ to do this, unless you put a
web server in front of Tomcat to serve static content (which is not
necessary at all... just an option).
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGeAgp9CaO5/Lv0PARAiLSAJ9/2Oc8ohehoQb36TexDv1GydkHqgCgii9N
V0APPeYV+kGTpary2KURfSE=
=g3qj
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: too many sessions serving from another context
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Paulo,
Paulo Alvim wrote:
> /app1/example.jsp
> (renders HTML with references to images being served from a servlet in
> another application (context):
>
> /app2/myImgs?name=image1.gif
> /app2/myImgs?name=image2.gif
> /app2/myImgs?name=image3.gif
>
> We're also using 'single singon' because we need it for another reason.
>
> The problem is that TC is creating 1 session for app1 and 3 sessions for
> app2 (one per image served)!
Often this happens because your login page does not correctly pass URLs
through HttpServletResponse.encodeURL. Make sure that URLs (even to
static content) contain ";jsessionid" unless you are absolutely sure
that your users will always have cookies available. Otherwise, you might
get a new session for every single request.
> 2. Is there a better way to declare specific URLs to not creating new
> sessions (ie: filter the myImgs servlet)?
I don't believe there is any way /at all/ to do this, unless you put a
web server in front of Tomcat to serve static content (which is not
necessary at all... just an option).
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGeAgp9CaO5/Lv0PARAiLSAJ9/2Oc8ohehoQb36TexDv1GydkHqgCgii9N
V0APPeYV+kGTpary2KURfSE=
=g3qj
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org