tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <craig...@apache.org>
Subject Re: Tomcat refusing jsessionid's
Date Mon, 27 May 2002 17:33:31 GMT


On Sat, 25 May 2002, tek1 wrote:

> Date: Sat, 25 May 2002 23:45:12 +0900
> From: tek1 <tek1@pobox.com>
> Reply-To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> Subject: Re: Tomcat refusing jsessionid's
>
> is it possible for a client to append JSESSIONID=<sessionId> to the url
> (i.e.
> http://theurl.com/theservlet?JSESSIONID=A4A0314540585318A4F5E327F1457375)
> and still use the POST method, or is the usage of GET mandatory?
>

Sessions work just fine with both GET and POST -- but they are guaranteed
to fail if used in the manner you described above.  The reason for this is
that session ids are *path* parameters, not *query* parameters.  In
addition, the parameter name is "jsessionid" instead of "JSESSIONID".  Try
something like this instead:

 http://theurl.com/theservlet;jsessionid=A4A0314540585318A4F5E327F1457375

(Note the semicolon rather than the question mark).

See the servlet specification
(http://java.sun.com/products/servlet/download.html) and the relevant RFCs
about URL syntax, to understand the differences.


> thanks.

Craig


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message