You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by "Ben Bookey, GIStec GmbH" <be...@gistec-online.de> on 2004/06/25 23:23:38 UTC

How to configure a Realm in the server.xml which doesnt ask the browser to store a session.



Dear List,

We have implemented the Realm with Oracle. It works fine. (see below from TC
sample server.xml)


      <!--
      <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
             driverName="oracle.jdbc.driver.OracleDriver"
          connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
         connectionName="scott" connectionPassword="tiger"
              userTable="users" userNameCol="user_name"
userCredCol="user_pass"
          userRoleTable="user_roles" roleNameCol="role_name" />
      -->

 However, we are wondering about upgrading our system so we dont use
cookies.
We believe (after earlier questions on the list! thanks! ) that this should
be easy to achieve. However, we use the integrated Tomcat security Realm
model,
and this automatically saves a JSESSIONID sesion id as a cookie to the
client browser. Is there a way around this? i.e. that this information
is sent over HTTP?
Would appreicate any info

regards
Ben




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org