Session ID always being appended even with cookies enabled?

[David Erickson <de...@cmcflex.com>]

Well I've been setting up struts and for some reason struts is always
rewriting my urls with the session id in it, even though I know for sure
that cookies are enabled.. I know this is pretty vague but does anyone know
what would cause this?
thanks
-David


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org

Re: Session ID always being appended even with cookies enabled?

["Craig R. McClanahan" <cr...@apache.org>]

On Wed, 2 Jul 2003, David Erickson wrote:

> Date: Wed, 2 Jul 2003 11:07:52 -0600
> From: David Erickson <de...@cmcflex.com>
> Reply-To: Struts Users Mailing List <st...@jakarta.apache.org>
> To: Struts Mailing List <st...@jakarta.apache.org>
> Subject: Session ID always being appended even with cookies enabled?
>
> Well I've been setting up struts and for some reason struts is always
> rewriting my urls with the session id in it, even though I know for sure
> that cookies are enabled.. I know this is pretty vague but does anyone know
> what would cause this?

Tomcat (at least) is pretty conservative about deciding whether the client
supports cookies or not.  On the first request for a session, it sends the
session id both ways (encoded and cookie), and only turns off encoding if
the subsequent request actually included the cookie.

If you're still seeing encoded URLs on the second (and later) requests,
you probably either have a client problem with cookies, and/or some sort
of proxy or filter in between you and the server that might be swiping the
session id cookie.

> thanks
> -David

Craig

---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org

Re: Session ID always being appended even with cookies enabled?

[JavaXML Developer <ja...@yahoo.com>]

What you are seeing is "jsesssionid". The jsessionid is a key maintained by the container to track the user session via HTTP. Including the session key in the hyperlink is called URL rewriting. The Servlet Specification encourages the use of cookies to maintain the session. When that is not possible, URL rewriting is used instead. The first time browser makes a request to the container, the container does not know whether the browser will accept a cookie. The container can offer the browser a cookie, but can't tell if it was accepted until the next time a request is made. (HTTP has no "handshaking".) In the meantime, the response for the current request must be written. So, the first page written for a browser will always need to use URL rewriting. If no subsequent requests the container finds that its cookie was accepted. It can skip rewriting the URLs.
 
Hope this answers your question.
 
-Vicky

David Erickson <de...@cmcflex.com> wrote:
Well I've been setting up struts and for some reason struts is always
rewriting my urls with the session id in it, even though I know for sure
that cookies are enabled.. I know this is pretty vague but does anyone know
what would cause this?
thanks
-David


---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org


---------------------------------
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!