cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antonio Gallardo" <>
Subject [Authentication] - Generate javascript using XSP
Date Sat, 30 Nov 2002 08:32:44 GMT
Hi Cococoners!

I am currently an application that is currently running on a test mode
with a small amount of users (20) in a Intranet environment. With the
following characteristics:

The application is running behind a proxy.
The app use the authentication framework.
The app have a page called welcome that show the current user.

I am currently having problem with session management:

The users told me that sometimes when they are already authenticated and
request the welcome page, the response present another user.

The page is called with http://internalserver:8080/theapp/welcome

I think that this can be done because the proxy is returning a cached page
from another user. Because the request has the same URI from every user
(as long as I can see). The request URI does not have info about sessions.
But I read in the book from Carsten and Mathhew on page 303 (second
paragraph from the end):

"The default is usually to use cookies, because the developer of the web
application does not need to do anything special to use them. ..."

Please Dont let me wrong. I now that the problem is caused by me. :-D

The menu of the application is a static Javascript file served with a
reader. This file hs no info about sessions. Now I realized that in order
to "set" a session into the request I need to include a parameter with the
SessionID for every request. I does not include it before because the
quote above.

With this scenario my questions is:

How I can ensure that every request URI from the user will have the
SessionID included or use the default cookies?

For me this is not a trivial question, because:

I thinked first: "OK, I will generate the menu.js on ther fly using XSP."

But after think a while I realized that this issue will fall again in the
same category as the http://internalserver:8080/theapp/welcome explained
above. :-(

Please tell me what can I do?

I am currently thinking in calling the menu.js with the sessionID too.

This will work or there is another easier way to do that?

Many thanks in advance,

Antonio Gallardo.

Please check that your question  has not already been answered in the
FAQ before posting.     <>

To unsubscribe, e-mail:     <>
For additional commands, e-mail:   <>

View raw message