tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Morgenstein" <>
Subject RE: Strange Session Behavior....
Date Fri, 24 Nov 2000 22:36:34 GMT
A little further information on my session behavior problem.

I have disabled class reloading via the server.xml.

I have not seen the encodeURL command fail during testing, in fact, I was
having the same session problem when I was using cookies!  I switched to URL
rewriting because I thought the problem might be people who had cookies

Part of my problem may be using encodeURL() for all my links instead of
encodeRedirectURL().  Does anyone know the difference between these methods?

The biggest mystery here remains that this behavior is inconsistent.
Everything works great for most users, but in a few cases, I am getting this
bean instantiation error....

Thanks for the help.


-----Original Message-----
From: Ralph Einfeldt []
Sent: Thursday, November 23, 2000 2:48 AM
To: ''
Subject: AW: Strange Session Behavior....

> -----Urspr√ľngliche Nachricht-----
> Von: Craig R. McClanahan []
> Gesendet: Mittwoch, 22. November 2000 22:34
> An:
> Betreff: Re: Strange Session Behavior....
> Sessions get destroyed only when they time out or when you
> invalidate them.
- What happens if classes are reloaded ?
  Good old jserv used to invalidate the session a soon
  as one class was reloaded due to a change.
> However, I'd bet the cause of your problem is a forgotten call to
> response.encodeURL().  This will cause the next request in to start a
> session -- and if that request goes directly to a JSP page (so your
> construction hasn't yet had a chance to execute) you will get the
results you
> see.
Although your guess is the most likely, there might be two further valid
- encodeURL() is not working correct under all conditions
- tomcat sometime creates sessions

Message to the original poster James Morgenstein:
All three guesses can be validated through following test:
  run a site grabber (like wget) and look at the url's
  this way you can find if the session id changes somewhere
  or is missing.
  Analyse what you saw ...

View raw message