tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: CrawlerSessionManagerValve and Response.encodeURL(..)
Date Tue, 15 Mar 2011 14:40:01 GMT
On 15/03/2011 14:28, Konstantin Kolinko wrote:
> Hi!
> 
> The CrawlerSessionManagerValve sets sessionId from ip address as
> 
>   request.setRequestedSessionId(sessionInfo.getSessionId());
> 
> I have not checked, but I suspect that the Response.encodeURL(..)
> calls in the web application
> will still be including the session id into the URLs.

I don't think it is an issue. If the app is encoding the session ID and
the client is returning it with the next request then there is no need
for this valve.

My test case for this feature is the ASF Jira instance which is
currently running at around 7,000 concurrent sessions rather than the
130,000 it had before this valve was used. I have plans to look further
at those 7,000 sessions and may tweak the valve further but I suspect
the changes will be in the pattern used to identify bot-type user agents.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message