tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Huy K Dung" <hd...@lending4all.com>
Subject RE: session from URL/Cookie
Date Wed, 03 Apr 2002 18:55:33 GMT
How do i encode URLs in Velocity Macro? I am using Tomcat and Turbine.

-----Original Message-----
From: Jeff Larsen [mailto:larsen@qec.com]
Sent: Thursday, March 28, 2002 10:36 AM
To: Tomcat Users List
Subject: Re: session from URL/Cookie


I'm not entirely sure I understand your problem, but I'll
take a stab at it anyway....

Typically, you don't need to worry about where the sessionid comes
from. Anywhere you send a redirect or put a link in a JSP or servlet
generated html, you should ALWAYS use HttpServletResponse.encodeURL() or
HttpServletResponse.encodeRedirectURL(). Once tomcat knows whether or
not the browser is using cookies, it will encode the URL as needed. If
cookies are enabled, the URL will be unchanged. If no cookies, the session
ID will be inserted. Tomcat does this for you. You don't need to worry about
it, just encode ALL URLs.

Jeff

----- Original Message -----
From: "Michael" <tomcat@meinsenf.at>
To: <tomcat-user@jakarta.apache.org>
Sent: Thursday, March 28, 2002 4:16 AM
Subject: session from URL/Cookie


>
> Hi!
>
> (tomcat 3.3.1)
>
> *** please help! ***
>
> my question (short version;-):
> client supports cookies and makes a request with session-encoded URL:
> request: http://myserver/testservlet;jsessionid=12121212
> isRequestedSessionIdFromURL() is false
> isRequestedSessionIdFromCookie() is true
> and
> getRequestURI() won't show the encoded sessionid!!!
>
> so how to find out, that the URL is encoded???
>
>
> question (long version):
>
> If a client request comes with no session (or an invalid session) I do:
>
> session = request.getSession(true); //create session
> result.sendRedirect(result.encodeRedirectURL(request.getRequestURI()));
//redirect to
the same page, so the next request comes with valid session
>
> - tomcat can't know, whether my browser supports cookies the time it
creates the session
or not
> - so it encodes the sessionid into the URL
> - after the redirect, I can check, if the client's browser supports
cookies
(isRequestedSessionIdFromURL() /Cookie()) - this works in any case, because
the URL is
encoded!!!
> my problem:
> - now I would like to make another redirect, if the browser supports
cookies (so the
sessionid won't be visible in the URL again) or leave the session id in the
encoded URL
(if it doesn't support cookies)
>
> BUT how to check, if the sessionid is encoded into the URL, when the
browser supports
cookies???
> isRequestedSessionIdFromURL() is false
> isRequestedSessionIdFromCookie() is true
> and
> getRequestURI() won't show the encoded sessionid!!!
>
> an example:
> client request: http://myserver/testservlet (no session)
> -> create new session - redirect to same page
> client request: http://myserver/testservlet;jsessionid=12121212
> -> now tomcat sees if the browser supports cookies or not - but how do I
recognize, that
the URL is encoded?
> another redirect to the same page would do
> request: http://myserver/testservlet;jsessionid=12121212
> request: http://myserver/testservlet
>
>
> thanks
> michi


----------------------------------------------------------------------------
----


> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message