You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Michael Jouravlev <jm...@gmail.com> on 2005/06/16 09:18:21 UTC
isRequestedSessionIdFromURL() returns false
Hi, I hope am I in the right mail-list with this question. I guess
that if I use Tomcat, then HttpRequest.isRequestedSessionIdFromURL()
is implemented by Tomcat.
I have a request, which contains *both* session ID in cookie *and*
session ID in the rewritten URL. isRequestedSessionIdFromCookie()
return true, but isRequestedSessionIdFromURL() returns false. It seems
that isRequestedSessionIdFromURL() should return true. Is this a bug?
I am using Tomcat 4.1.31.
Michael.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: isRequestedSessionIdFromURL() returns false
Posted by Michael Jouravlev <jm...@gmail.com>.
I already tried it, and it did not work. Session ID is separated by
semicolon, not by question mark or ampersand. It is treated
differently and is not shown as URL parameter.
Thanks anyway.
On 6/16/05, Jon Wingfield <jo...@mkodo.com> wrote:
> Something like this maybe:
>
> String url = request.getRequestURL().toString();
> if (url.indexOf("jsessionid")>-1
> && url.indexOf(request.getRequestedSessionId())>-1) {
> // do redirect
> }
>
> Jon
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: isRequestedSessionIdFromURL() returns false
Posted by Jon Wingfield <jo...@mkodo.com>.
Something like this maybe:
String url = request.getRequestURL().toString();
if (url.indexOf("jsessionid")>-1
&& url.indexOf(request.getRequestedSessionId())>-1) {
// do redirect
}
Jon
Michael Jouravlev wrote:
> If both methods return true, they would identify the first request
> after session has been established with browser which supports
> cookies. I try to keep GET requests clean to encourage browser to keep
> its page history from growing. When I detect this request, I perform a
> redirect to the same location to clean URL up. After redirection URL
> will be clean, because session ID will be contained in cookie only. I
> need to do this only once.
>
> With isRequestedSessionIdFromURL() returning false I cannot do what I
> need :-( Any ideas?
>
> Michael.
>
>
>>Interesting question.
>>
>>The Servlet 2.3 spec says:
>>"
>>public boolean isRequestedSessionIdFromURL()
>>Checks whether the requested session ID came in as part of the request URL.
>>Returns: true if the session ID came in as part of a URL; otherwise,
>>false"
>>
>>I would interpret it this way: if the session id, which should be used
>>was extracted from the URL, then return true.
>>If however the cookie contains the same id and was checked first (which
>>is default I think) then the requested session id came from the cookie!
>>Imagine what would happen if always both would be checked and URL and
>>cookie would contain 2 different ids.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: isRequestedSessionIdFromURL() returns false
Posted by Michael Jouravlev <jm...@gmail.com>.
If both methods return true, they would identify the first request
after session has been established with browser which supports
cookies. I try to keep GET requests clean to encourage browser to keep
its page history from growing. When I detect this request, I perform a
redirect to the same location to clean URL up. After redirection URL
will be clean, because session ID will be contained in cookie only. I
need to do this only once.
With isRequestedSessionIdFromURL() returning false I cannot do what I
need :-( Any ideas?
Michael.
> Interesting question.
>
> The Servlet 2.3 spec says:
> "
> public boolean isRequestedSessionIdFromURL()
> Checks whether the requested session ID came in as part of the request URL.
> Returns: true if the session ID came in as part of a URL; otherwise,
> false"
>
> I would interpret it this way: if the session id, which should be used
> was extracted from the URL, then return true.
> If however the cookie contains the same id and was checked first (which
> is default I think) then the requested session id came from the cookie!
> Imagine what would happen if always both would be checked and URL and
> cookie would contain 2 different ids.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: isRequestedSessionIdFromURL() returns false
Posted by Christoph Kutzinski <ku...@gmx.de>.
Michael Jouravlev wrote:
> Hi, I hope am I in the right mail-list with this question. I guess
> that if I use Tomcat, then HttpRequest.isRequestedSessionIdFromURL()
> is implemented by Tomcat.
>
> I have a request, which contains *both* session ID in cookie *and*
> session ID in the rewritten URL. isRequestedSessionIdFromCookie()
> return true, but isRequestedSessionIdFromURL() returns false. It seems
> that isRequestedSessionIdFromURL() should return true. Is this a bug?
Interesting question.
The Servlet 2.3 spec says:
"
public boolean isRequestedSessionIdFromURL()
Checks whether the requested session ID came in as part of the request URL.
Returns: true if the session ID came in as part of a URL; otherwise,
false"
I would interpret it this way: if the session id, which should be used
was extracted from the URL, then return true.
If however the cookie contains the same id and was checked first (which
is default I think) then the requested session id came from the cookie!
Imagine what would happen if always both would be checked and URL and
cookie would contain 2 different ids.
Christoph
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org