tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Possibility of Making JSESSIONID Configurable
Date Wed, 24 Sep 2008 14:53:26 GMT
Remy Maucherat wrote:
> On Wed, 2008-09-24 at 14:52 +0100, Mark Thomas wrote:
>> The 3.0 servlet spec mentions this (ie Tomcat 7) but there is nothing to
>> stop this being added to 6.0.x
> 
> I am not aware of such a proposal in Servlet 3.0 (session cookie
> configuration and tracking coinfig, but no config for the cookie name or
> URL parameter name).
It is in section 7.1.1 of the 3.0 early draft. It only applies to the
cookie name. Making the url parameter configurable would be non-spec
complaint but I don't see a good reason not to allow it if users have a
requirement for it.

> Esp making this configuration per context would a
> problem to manage, so -1 for that.
I don't see why. Looking at the code, this would be really simple. At least
wait until there is a proposed patch before trying to veto it.

> The fixed names are labelled as "MUST" in the sepc. OTOH, I had to
> accept a hidden system property for specific customers because of
> Weblo :( Definitely this is a showcase for bad policies of big
> proprietary vendors, and their bad consequences.
That depends if the customers had a genuine requirement to change the name
(not that I can think of one of hand). If they did then it is more the spec
not keeping pace with user requirements. Tomcat has a couple of non-spec
compliant configuration options as well.

Mark



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message