You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by "Kruse, Matt" <MK...@aquent.com> on 2003/05/09 22:22:04 UTC

Disable url session tracking?

Can I easily disable session tracking via url-rewriting somehow in Struts
1.1?
When users hit my first page, the links look like this:
file2.html;jsessionid=74291052317138369
which is ugly and unnecessary since all users will have cookies enabled.

Thanks,

Matt Kruse

Enable url session tracking

Posted by Stefan Trcko <st...@aladin-eng.si>.
How to enable url session tracking (;jsessionid=??????????) in Struts?

Thanks
Stefan


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org

Re: Disable url session tracking?

Posted by Mark Lowe <ma...@talk21.com>.
nothing wrong with a session id if they're no cookies.... people making 
even rare support calls because they haven't cookies looks worse than a 
session id especially if you've wasted so much time thinking about 
switching this stuff off. If you boss/client looks at the site with 
cookies than the session id won't be in the url bar now would it!!



Venerdì, 9 mag 2003, alle 22:16 Europe/London, Ian Hunter ha scritto:

> What if they access the page with a wireless phone?  Or... Or...
>
> <duck />
>
> ----- Original Message -----
> From: "Kruse, Matt" <MK...@aquent.com>
> To: "Struts Users Mailing List (E-mail)" 
> <st...@jakarta.apache.org>
> Sent: Friday, May 09, 2003 4:22 PM
> Subject: Disable url session tracking?
>
>
>> Can I easily disable session tracking via url-rewriting somehow in 
>> Struts
>> 1.1?
>> When users hit my first page, the links look like this:
>> file2.html;jsessionid=74291052317138369
>> which is ugly and unnecessary since all users will have cookies 
>> enabled.
>>
>> Thanks,
>>
>> Matt Kruse
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org

Re: Disable url session tracking?

Posted by Ian Hunter <ih...@hunterweb.net>.
What if they access the page with a wireless phone?  Or... Or... 

<duck />

----- Original Message ----- 
From: "Kruse, Matt" <MK...@aquent.com>
To: "Struts Users Mailing List (E-mail)" <st...@jakarta.apache.org>
Sent: Friday, May 09, 2003 4:22 PM
Subject: Disable url session tracking?


> Can I easily disable session tracking via url-rewriting somehow in Struts
> 1.1?
> When users hit my first page, the links look like this:
> file2.html;jsessionid=74291052317138369
> which is ugly and unnecessary since all users will have cookies enabled.
> 
> Thanks,
> 
> Matt Kruse
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org

Re: Disable url session tracking?

Posted by Erik Price <ep...@ptc.com>.

Kruse, Matt wrote:
> Can I easily disable session tracking via url-rewriting somehow in Struts
> 1.1?
> When users hit my first page, the links look like this:
> file2.html;jsessionid=74291052317138369
> which is ugly and unnecessary since all users will have cookies enabled.

You might be able to rewrite the contents of the URL using JavaScript, 
from an "onload" in the body tag.

Another trick you can use is "stealth forwarding" (silly name but that's 
what it's called).  Use a frameset with a single frame occupying the 
entire window.  The URL of the frameset's "master page" will be the URL 
that appears in the address bar, but the contents of the frame can be of 
any URL.  This is just like those annoying search engines like ask.com 
(they used to do this) where they keep a banner frame at the top of the 
screen while you continue to browse in the "main" frame, except that you 
don't even use a banner frame.

There are two gotchas.  One is that if the user clicks a link that leads 
offsite, the "master page" frameset will not have any idea and your URL 
will still be displayed.  You'll have to use JavaScript or some other 
trick to detect if the user clicks a link leading offsite.  The other 
gotcha is if you need the URL to display the user's location within your 
site.  Remember that the "master page" frameset URL doesn't get updated 
every time the user clicks a link, so if you're using stealth forwarding 
to keep the URL "http://mattkruse.com/" in the address bar, then when 
the user drills down to the resource at 
http://mattkruse.com/somedir/nextdir/someresource.jsp", this won't 
actually be reflected in the address bar.  Whether or not this is a 
problem is for you to decide.  (You could override this with JavaScript 
too, but then you may as well use the first suggestion at the top of 
this response.)



Erik


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org

RE: Disable url session tracking?

Posted by Steve Raeburn <st...@ninsky.com>.
Excerpt from Struts in Action
by Ted N. Husted, Cedric Dumoulin, George Franciscus and
David Winterfeldt

Chapter available online at
http://developer.java.sun.com/developer/Books/javaprogrammin
g/struts/struts_chptr_03.pdf

"The jsessionid is a key maintained by the container to
track the user session via HTTP. Including the session key
in a hyperlink is called URL rewriting. The Servlet
Specification [Sun, JST] encourages the use of cookies to
maintain the session. When that is not possible, URL
rewriting is used instead. The first time a browser makes a
request to the container, the container does not know
whether the browser will accept a cookie. The container can
offer the browser a cookie, but can’t tell if it was
accepted until the next time a request is made. (HTTP has no
“handshaking.”) In the meantime, the response for the
current request must be written. So, the first page written
for a browser will always need to use URL rewriting. If on
subsequent requests the container finds that its cookie was
accepted, it can skip rewriting the URLs."

Steve


-----Original Message-----
From: Kruse, Matt [mailto:MKruse@aquent.com]
Sent: May 9, 2003 1:22 PM
To: Struts Users Mailing List (E-mail)
Subject: Disable url session tracking?


Can I easily disable session tracking via url-rewriting
somehow in Struts
1.1?
When users hit my first page, the links look like this:
file2.html;jsessionid=74291052317138369
which is ugly and unnecessary since all users will have
cookies enabled.

Thanks,

Matt Kruse


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org