You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by ALEXANDROS KOTSIRAS <AL...@prodigy.net> on 2002/05/31 10:15:00 UTC
Re: Session Tracking
That's a cool idea. Have you tried it ?
You mean that if you place manually the session id to the URL then in the
requested servlet/jsp if you do
request.getSession() it will give you the session corresponding to the ID
that you appended .
I have to try this .. please let me know if it works for you.
Also i think that according ot the 2.2 specification the name that you give
to the session ID has to be specific, i think "JsessionId", i have to look
it in the specs...
----- Original Message -----
From: Jeff Rhines <jr...@email.com>
To: <to...@jakarta.apache.org>
Sent: Tuesday, May 30, 2000 7:47 PM
Subject: RE: Session Tracking
> How about this: do the URL encoding yourself, putting the session id into
> the URL just as the dev kit is supposed to. It's not the retrieving the
> session from an id that is broke, just the encodeURL, correct? So if one
> were to provide the id in all cases, would that work?
>
> Just an after-dinner thought,
>
> Jeff
>
> > -----Original Message-----
> > From: Alexandros Kotsiras [mailto:kotsiras@mediaondemand.com]
> > Sent: Tuesday, May 30, 2000 12:29 PM
> > To: tomcat-user@jakarta.apache.org
> > Subject: RE: Session Tracking
> >
> >
> > You will have to use the HttpSessionContext Interface which
> > allows you to
> > get a session object from the sessionID.
> > The problem is that this approach was deprecated in the 2.1
> > API because
> > probably it is a security risk to retrieve sessions given a
> > session ID.
> > Unfortunatelly there is no other way, and it seems that the
> > Servlet Engine
> > HAS to support URL rewriting , otherwise session tracking with cookies
> > disabled is imposible.
> > I hope that URLRewriting will be supported in the next
> > version of Tomcat.
> > It's strange that it is not working in the current version because in
> > JServ1.1 URLRewriting was working fine..
> >
> > -----Original Message-----
> > From: Naga Yerramsetti [mailto:naga@tems.com]
> > Sent: Tuesday, May 30, 2000 1:01 PM
> > To: tomcat-user@jakarta.apache.org
> > Subject: Session Tracking
> >
> >
> > Is there a way to hold a session even if the server won't
> > support the URL
> > rewriting and browser doesn't allow cookies.
> >
> > Can I include session ID as a hidden parameter and get the
> > session using
> > session ID in the next page.
> > If so, how can I get the session using the sessionID.
> >
> > Thanks in advance,
> > Naga
> >
> >
> > --------------------------------------------------------------
> > ------------
> > To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commmands, email: tomcat-user-help@jakarta.apache.org
> >
> >
> > --------------------------------------------------------------
> > ------------
> > To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commmands, email: tomcat-user-help@jakarta.apache.org
> >
> >
> >
>
>
> --------------------------------------------------------------------------
> To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commmands, email: tomcat-user-help@jakarta.apache.org
>