tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Costin Manolache <>
Subject Re: More on changes from 3.1 to 3.2 - how to do it now ?
Date Sat, 19 Aug 2000 16:18:16 GMT
> I think it is because at the time that we finished the work of embedding
> tomcat, the session management was not as polished as it is now (there
> was no SessionInterceptor).
> We ended up implementing putting the session_id as a field inside the path_info
> (for GET methods) or as hidden field (on POST methods).
> (One of the reasons is that we work with cookies disabled).
> I will investigate if changing to use the session URL rewrite functionality
> that is available on SessionUtils allows us to forgo what we were doing.
> (I looked at the code of SessionInterceptor but could not find where is there
> an invocation of the StandardSession.access() method).
> Perhaps you can point me at the code that deals with the 'refresh'
> (access) of the HttpSession object ?


BTW, what you were doing is very good !
IMHO it is a good idea to use  a session manager in
user space if your application have special
requirements - the resulting code is more portable than
depending on special features on the servlet container.

Please let me know if you need any special hook,
the intention was to allow other session managers
to be "plugged" into tomcat ( but since I had only
one there is no way to check if everything is right)


View raw message