You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by "Klemme, Robert, myview" <ro...@myview.de> on 2001/01/23 11:43:27 UTC
Re: Session url rewriting
hi there!
the original e-mail of craig dates some months back.
> When a session is first created, Tomcat has no way to know whether
> session cookies are supported by the browser. Therefore, to be safe, it
> sends the session ID both ways (by cookie and by modifying URLs that you
> submit to response.encodeURL calls). On subsequent requests that are
> part of this session, Tomcat will notice that it received the session ID
> via a cookie, so it will stop doing the rewriting.
i wonder whether anything has changed here, especially whether there is a
configuration option (possibly in server.xml) that switches cookies for
session tracking of.
thanks a lot
robert
--
Robert Klemme
Software Engineer
-------------------------------------------------------------
myview technologies GmbH & Co. KG
Riemekestraße 160 ~ D-33106 Paderborn ~ Germany
E-Mail: mailto:robert.klemme@myview.de
Telefon: +49/5251/69090-321 ~ Fax: +49/5251/69090-399
-------------------------------------------------------------
Re: Session url rewriting
Posted by "Craig R. McClanahan" <Cr...@eng.sun.com>.
"Klemme, Robert, myview" wrote:
> hi there!
>
> the original e-mail of craig dates some months back.
>
> > When a session is first created, Tomcat has no way to know whether
> > session cookies are supported by the browser. Therefore, to be safe, it
> > sends the session ID both ways (by cookie and by modifying URLs that you
> > submit to response.encodeURL calls). On subsequent requests that are
> > part of this session, Tomcat will notice that it received the session ID
> > via a cookie, so it will stop doing the rewriting.
>
> i wonder whether anything has changed here, especially whether there is a
> configuration option (possibly in server.xml) that switches cookies for
> session tracking of.
>
Yes ... answer depends on version.
Tomcat 3.2: Search in "conf/server.xml" for the string "noCookies" and set the
corresponding attribute to "true". This is global to the entire JVM, and
therefore all webapps.
Tomcat 4.0: You can make a choice of cookies versus not for each webapp
individually (default is to use cookies if they are supported). To turn them
off, create a context entry like this:
<Context path="/foo" docBase="foo" cookies="false" ... />
>
> thanks a lot
>
> robert
>
Craig