struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: [OT] Session ID in the URL
Date Thu, 16 Jun 2005 11:29:39 GMT
On 16/06/05 05:51&nbsp;Michael Jouravlev wrote:
> Was celebrating too early. Does not work. Here what happens. * Very
> first request to the app. Session is created on server. * Application
> redirects to whatever location, server sets cookie with jsessionid in
> the response, and at the same time adds jsessionid to the URL *
> Browser navigates to the redirected location, it replies with 
> jsessionid in the cookie, so next time server won't rewrite URL. 
> But!!! There is another jsessionid, which was appended to the URL in 
> the redirected request. I want to detect this one.
> 
> The problem is, that redirected request contains *both* session ID in
>  cookie and session ID in the rewritten URL. Stupid 
> isRequestedSessionIdFromURL() returns false, because it thinks that I
>  should be happy by isRequestedSessionIdFromCookie() returning true.
> 
> But I want to know both pieces of info: that there is session ID in 
> the cookie, and that there session ID in the URL!

It's not stupid, it returns a boolean informing you where the 
session.getId() gets its info from. Makes sense to me.

Although you have my sympathy, wanting something from the API that it 
just doesn't want to give. Why do you need it? Looks like you would have 
to hack tomcat to get it.


Adam

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message