You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by "Prashanth.S" <su...@yahoo.com> on 2003/10/08 09:59:37 UTC
urlrewriting Vs Cookies
Hi all,
i want to know that among urlrewriting and cookies,which one is better???If i dont want to use cookies is there any otherway to do session invalidation[other than url rewriting]..Iam using resin.
Thanks
Prashanth
---------------------------------
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
Re: urlrewriting Vs Cookies
Posted by Wolfgang Woger <jw...@chello.at>.
Navjot Singh wrote:
>theoretcially, there are 3 ways.
>
>1. URL Rewriting
>2. Client side Cookies
>3. Server side Session (again use cookies but just for an ID)
>
>if you are adamant about not using cookies at any level. URL rewriting is
>the only option left.
>
>any other?
>
>
Server side Session of course and - I use hidden fields,
you need a form on every page, but if you need only a link, make a form
without input type=text and with CSS you can make a button looklike a
link or anything you want.
Wolfgang
>navjot singh
>
>
>
>>-----Original Message-----
>>From: Prashanth.S [mailto:suman291857@yahoo.com]
>>Sent: Wednesday, October 08, 2003 1:30 PM
>>To: struts-user@jakarta.apache.org
>>Subject: urlrewriting Vs Cookies
>>
>>
>>Hi all,
>>i want to know that among urlrewriting and cookies,which one is
>>better???If i dont want to use cookies is there any otherway to do
>>session invalidation[other than url rewriting]..Iam using resin.
>>Thanks
>>Prashanth
>>
>>
>>
>>
>>---------------------------------
>>Do you Yahoo!?
>>The New Yahoo! Shopping - with improved product search
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: urlrewriting Vs Cookies
Posted by "Craig R. McClanahan" <cr...@apache.org>.
Prashanth.S wrote:
>But this doesnt solve my problem as it says me to use url rewriting..
>Thanks
>Prashanth
>
If you use the Struts tags for generating hyperlinks, you get support
for either for free ... and you as a developer don't have to worry about
doing something special.
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: urlrewriting Vs Cookies
Posted by "Prashanth.S" <su...@yahoo.com>.
But this doesnt solve my problem as it says me to use url rewriting..
Thanks
Prashanth
Mark Lowe <ma...@talk21.com> wrote:
I'd have though cookie use was upto the user rather than your client.
http://jakarta.apache.org/struts/userGuide/struts-html.html#link
On Wednesday, October 8, 2003, at 12:16 PM, Prashanth.S wrote:
> Hi navjot,
> My clients doesnt want me to use cookies....So that my application
> should run even for users who have disabled cookies...The problem with
> url-rewriting is that jsessionid is maintained across applications so
> that if any one get url of the application they can go through the
> application from any corner of the world[where as the expected
> behaviour is session time out error]...Any suggestions for this
> problem???
> Thanks
> Prashanth
>
>
> Navjot Singh wrote:
> here is the clue.
>
> cookies are again of two types.
>
> + persistent - will remain there even if you close browser and opens
> next
> day.
> + non-persistent/session - the moment you close browser window they are
> gone. These also work only under child browser windows.
>
> So, i assume you are looking for session cookies.
>
> If you love URL rewriting, you can disable the user session after 10
> minutes
> of inactivity. Depends on how much pain would you like to take for it
> and
> how secure you wish your application to be.
>
> HTH
> Navjot Singh
>
>>
>> Hi navjot,
>> Thanks for the reply...But the problem with url rewriting is that
>> jsessionid is maintained across browsers so that users can access
>> the application if they get the url..[even on other system the
>> application work if u get the url]..so is there any other option???
>> Thanks
>> Prashanth
>>
>>
>> Navjot Singh wrote:
>> theoretcially, there are 3 ways.
>>
>> 1. URL Rewriting
>> 2. Client side Cookies
>> 3. Server side Session (again use cookies but just for an ID)
>>
>> if you are adamant about not using cookies at any level. URL
>> rewriting is
>> the only option left.
>>
>> any other?
>> navjot singh
>>
>>> -----Original Message-----
>>> From: Prashanth.S [mailto:suman291857@yahoo.com]
>>> Sent: Wednesday, October 08, 2003 1:30 PM
>>> To: struts-user@jakarta.apache.org
>>> Subject: urlrewriting Vs Cookies
>>>
>>>
>>> Hi all,
>>> i want to know that among urlrewriting and cookies,which one is
>>> better???If i dont want to use cookies is there any otherway to do
>>> session invalidation[other than url rewriting]..Iam using resin.
>>> Thanks
>>> Prashanth
>>>
>>>
>>>
>>>
>>> ---------------------------------
>>> Do you Yahoo!?
>>> The New Yahoo! Shopping - with improved product search
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>>
>>
>> ---------------------------------
>> Do you Yahoo!?
>> The New Yahoo! Shopping - with improved product search
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
> ---------------------------------
> Do you Yahoo!?
> The New Yahoo! Shopping - with improved product search
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
---------------------------------
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
Re: urlrewriting Vs Cookies
Posted by Mark Lowe <ma...@talk21.com>.
I'd have though cookie use was upto the user rather than your client.
http://jakarta.apache.org/struts/userGuide/struts-html.html#link
On Wednesday, October 8, 2003, at 12:16 PM, Prashanth.S wrote:
> Hi navjot,
> My clients doesnt want me to use cookies....So that my application
> should run even for users who have disabled cookies...The problem with
> url-rewriting is that jsessionid is maintained across applications so
> that if any one get url of the application they can go through the
> application from any corner of the world[where as the expected
> behaviour is session time out error]...Any suggestions for this
> problem???
> Thanks
> Prashanth
>
>
> Navjot Singh <na...@net4india.net> wrote:
> here is the clue.
>
> cookies are again of two types.
>
> + persistent - will remain there even if you close browser and opens
> next
> day.
> + non-persistent/session - the moment you close browser window they are
> gone. These also work only under child browser windows.
>
> So, i assume you are looking for session cookies.
>
> If you love URL rewriting, you can disable the user session after 10
> minutes
> of inactivity. Depends on how much pain would you like to take for it
> and
> how secure you wish your application to be.
>
> HTH
> Navjot Singh
>
>>
>> Hi navjot,
>> Thanks for the reply...But the problem with url rewriting is that
>> jsessionid is maintained across browsers so that users can access
>> the application if they get the url..[even on other system the
>> application work if u get the url]..so is there any other option???
>> Thanks
>> Prashanth
>>
>>
>> Navjot Singh wrote:
>> theoretcially, there are 3 ways.
>>
>> 1. URL Rewriting
>> 2. Client side Cookies
>> 3. Server side Session (again use cookies but just for an ID)
>>
>> if you are adamant about not using cookies at any level. URL
>> rewriting is
>> the only option left.
>>
>> any other?
>> navjot singh
>>
>>> -----Original Message-----
>>> From: Prashanth.S [mailto:suman291857@yahoo.com]
>>> Sent: Wednesday, October 08, 2003 1:30 PM
>>> To: struts-user@jakarta.apache.org
>>> Subject: urlrewriting Vs Cookies
>>>
>>>
>>> Hi all,
>>> i want to know that among urlrewriting and cookies,which one is
>>> better???If i dont want to use cookies is there any otherway to do
>>> session invalidation[other than url rewriting]..Iam using resin.
>>> Thanks
>>> Prashanth
>>>
>>>
>>>
>>>
>>> ---------------------------------
>>> Do you Yahoo!?
>>> The New Yahoo! Shopping - with improved product search
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>>
>>
>> ---------------------------------
>> Do you Yahoo!?
>> The New Yahoo! Shopping - with improved product search
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
> ---------------------------------
> Do you Yahoo!?
> The New Yahoo! Shopping - with improved product search
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
RE: urlrewriting Vs Cookies
Posted by "Prashanth.S" <su...@yahoo.com>.
Hi navjot,
My clients doesnt want me to use cookies....So that my application should run even for users who have disabled cookies...The problem with url-rewriting is that jsessionid is maintained across applications so that if any one get url of the application they can go through the application from any corner of the world[where as the expected behaviour is session time out error]...Any suggestions for this problem???
Thanks
Prashanth
Navjot Singh <na...@net4india.net> wrote:
here is the clue.
cookies are again of two types.
+ persistent - will remain there even if you close browser and opens next
day.
+ non-persistent/session - the moment you close browser window they are
gone. These also work only under child browser windows.
So, i assume you are looking for session cookies.
If you love URL rewriting, you can disable the user session after 10 minutes
of inactivity. Depends on how much pain would you like to take for it and
how secure you wish your application to be.
HTH
Navjot Singh
>
>Hi navjot,
>Thanks for the reply...But the problem with url rewriting is that
>jsessionid is maintained across browsers so that users can access
>the application if they get the url..[even on other system the
>application work if u get the url]..so is there any other option???
>Thanks
>Prashanth
>
>
>Navjot Singh wrote:
>theoretcially, there are 3 ways.
>
>1. URL Rewriting
>2. Client side Cookies
>3. Server side Session (again use cookies but just for an ID)
>
>if you are adamant about not using cookies at any level. URL rewriting is
>the only option left.
>
>any other?
>navjot singh
>
>>-----Original Message-----
>>From: Prashanth.S [mailto:suman291857@yahoo.com]
>>Sent: Wednesday, October 08, 2003 1:30 PM
>>To: struts-user@jakarta.apache.org
>>Subject: urlrewriting Vs Cookies
>>
>>
>>Hi all,
>>i want to know that among urlrewriting and cookies,which one is
>>better???If i dont want to use cookies is there any otherway to do
>>session invalidation[other than url rewriting]..Iam using resin.
>>Thanks
>>Prashanth
>>
>>
>>
>>
>>---------------------------------
>>Do you Yahoo!?
>>The New Yahoo! Shopping - with improved product search
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
>---------------------------------
>Do you Yahoo!?
>The New Yahoo! Shopping - with improved product search
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
---------------------------------
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
RE: urlrewriting Vs Cookies
Posted by Navjot Singh <na...@net4india.net>.
here is the clue.
cookies are again of two types.
+ persistent - will remain there even if you close browser and opens next
day.
+ non-persistent/session - the moment you close browser window they are
gone. These also work only under child browser windows.
So, i assume you are looking for session cookies.
If you love URL rewriting, you can disable the user session after 10 minutes
of inactivity. Depends on how much pain would you like to take for it and
how secure you wish your application to be.
HTH
Navjot Singh
>
>Hi navjot,
>Thanks for the reply...But the problem with url rewriting is that
>jsessionid is maintained across browsers so that users can access
>the application if they get the url..[even on other system the
>application work if u get the url]..so is there any other option???
>Thanks
>Prashanth
>
>
>Navjot Singh <na...@net4india.net> wrote:
>theoretcially, there are 3 ways.
>
>1. URL Rewriting
>2. Client side Cookies
>3. Server side Session (again use cookies but just for an ID)
>
>if you are adamant about not using cookies at any level. URL rewriting is
>the only option left.
>
>any other?
>navjot singh
>
>>-----Original Message-----
>>From: Prashanth.S [mailto:suman291857@yahoo.com]
>>Sent: Wednesday, October 08, 2003 1:30 PM
>>To: struts-user@jakarta.apache.org
>>Subject: urlrewriting Vs Cookies
>>
>>
>>Hi all,
>>i want to know that among urlrewriting and cookies,which one is
>>better???If i dont want to use cookies is there any otherway to do
>>session invalidation[other than url rewriting]..Iam using resin.
>>Thanks
>>Prashanth
>>
>>
>>
>>
>>---------------------------------
>>Do you Yahoo!?
>>The New Yahoo! Shopping - with improved product search
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
>---------------------------------
>Do you Yahoo!?
>The New Yahoo! Shopping - with improved product search
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
RE: urlrewriting Vs Cookies
Posted by "Prashanth.S" <su...@yahoo.com>.
Hi navjot,
Thanks for the reply...But the problem with url rewriting is that jsessionid is maintained across browsers so that users can access the application if they get the url..[even on other system the application work if u get the url]..so is there any other option???
Thanks
Prashanth
Navjot Singh <na...@net4india.net> wrote:
theoretcially, there are 3 ways.
1. URL Rewriting
2. Client side Cookies
3. Server side Session (again use cookies but just for an ID)
if you are adamant about not using cookies at any level. URL rewriting is
the only option left.
any other?
navjot singh
>-----Original Message-----
>From: Prashanth.S [mailto:suman291857@yahoo.com]
>Sent: Wednesday, October 08, 2003 1:30 PM
>To: struts-user@jakarta.apache.org
>Subject: urlrewriting Vs Cookies
>
>
>Hi all,
>i want to know that among urlrewriting and cookies,which one is
>better???If i dont want to use cookies is there any otherway to do
>session invalidation[other than url rewriting]..Iam using resin.
>Thanks
>Prashanth
>
>
>
>
>---------------------------------
>Do you Yahoo!?
>The New Yahoo! Shopping - with improved product search
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
---------------------------------
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
RE: urlrewriting Vs Cookies
Posted by Navjot Singh <na...@net4india.net>.
theoretcially, there are 3 ways.
1. URL Rewriting
2. Client side Cookies
3. Server side Session (again use cookies but just for an ID)
if you are adamant about not using cookies at any level. URL rewriting is
the only option left.
any other?
navjot singh
>-----Original Message-----
>From: Prashanth.S [mailto:suman291857@yahoo.com]
>Sent: Wednesday, October 08, 2003 1:30 PM
>To: struts-user@jakarta.apache.org
>Subject: urlrewriting Vs Cookies
>
>
>Hi all,
>i want to know that among urlrewriting and cookies,which one is
>better???If i dont want to use cookies is there any otherway to do
>session invalidation[other than url rewriting]..Iam using resin.
>Thanks
>Prashanth
>
>
>
>
>---------------------------------
>Do you Yahoo!?
>The New Yahoo! Shopping - with improved product search
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: urlrewriting Vs Cookies
Posted by Mark Lowe <ma...@talk21.com>.
Hi Prashanth
IMHO if you thinking about these as separate things then you're
thinking wrong. Sessions use url encoding and cookies to maintain
state. But when site building you shouldn't need to drill down this far.
Folks often think it clever to manipulated cookies, cos it looks real
clever..
Personally I think about sessions., not geeky nonesense like messing
with cookies. If you use <html:link or c:url then your url's will be
encoded and you can stop listening to folks who talk such nonesense..
Cheers Mark
On Wednesday, October 8, 2003, at 08:59 AM, Prashanth.S wrote:
> Hi all,
> i want to know that among urlrewriting and cookies,which one is
> better???If i dont want to use cookies is there any otherway to do
> session invalidation[other than url rewriting]..Iam using resin.
> Thanks
> Prashanth
>
>
>
>
> ---------------------------------
> Do you Yahoo!?
> The New Yahoo! Shopping - with improved product search
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org