You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by br...@amd.com on 2000/08/31 17:52:10 UTC
Apache, Tomcat, and a session
I am running apache 1.3.11 and tomcat 3.1 on NT. I am running tomcat
"under" apache.
Tomcat uses port 8080, and apache uses port 80.
I have a servlet (handled by tomcat) that redirects to a login page(handled
by apache), unless a LOGGED_ON value in the session is not null. The login
page posts the username and password back to the servlet. The servlet
stores a value for LOGGED_ON in the session if the received username and
password are valid. If the LOGGED_ON value is not null, the servlet
redirects to a page(handled by apache, which allows the user to upload a
file by posting to a servlet). I am using cookies for session tracking,
not URL re-writing.
This works fine if I always specify a port number (e.g. 80 for apache page,
8080 for the servlet).
However, when I leave the port numbers out of the URLs, two sessions are
created. The first, let's call it session A, is created when I first access
the servlet. When the servlet receives the posted data from the logon form,
a second session is in use (session B). Assuming a valid username and
password have been passed, session B then has a non-null LOGGED_ON value
stored in it's session. It redirects to the html form to upload a file.
When the file uploading servlet is accessed, it is session A trying to
access it, and session A is not logged on.
Why are two sessions created? What is the criteria for needing to create a
new session?
Is there a way to configure apache/tomcat so that I don't need to specify a
port? This would make life easier when the application moves to another
machine, as relative URLs could be used throughout the application.
Thanks,
Brian King