Return-Path: 
 <tomcat-user-return-31529-qmlist-jakarta-archive-tomcat-user=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org
Received: (qmail 65532 invoked from network); 29 Aug 2002 14:27:30 -0000
Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131)
  by daedalus.apache.org with SMTP; 29 Aug 2002 14:27:30 -0000
Received: (qmail 5654 invoked by uid 97); 29 Aug 2002 14:27:31 -0000
Delivered-To: qmlist-jakarta-archive-tomcat-user@jakarta.apache.org
Received: (qmail 5638 invoked by uid 97); 29 Aug 2002 14:27:31 -0000
Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
List-Subscribe: <mailto:tomcat-user-subscribe@jakarta.apache.org>
List-Help: <mailto:tomcat-user-help@jakarta.apache.org>
List-Post: <mailto:tomcat-user@jakarta.apache.org>
List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org>
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Delivered-To: mailing list tomcat-user@jakarta.apache.org
Received: (qmail 5626 invoked by uid 98); 29 Aug 2002 14:27:30 -0000
X-Antivirus: nagoya (v4218 created Aug 14 2002)
Message-Id: <5.1.0.14.2.20020829100116.01efed68@po2.bbn.com>
X-Sender: skarumur@po2.bbn.com
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Thu, 29 Aug 2002 10:27:01 -0400
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
From: Srinadh Karumuri <skarumur@bbn.com>
Subject: session tracking using URL rewriting & META=refresh
In-Reply-To: <3D6E2752.6000501@latte.harvard.edu>
References: <3D6D4BE8.4060302@latte.harvard.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

Hi,

I know there are two ways of session tracking in Tomcat 3.
1. Cookies based: This is out of question as our customers do not want this.
2. URL rewriting: We rewrite URLs using encodeURL(...) and worked fine for 
more than a year.

The problem started once we introduced the META-Refresh to forward user's 
screen after time out when Javascript is OFF. The copy of the HTML source 
from browser is as below:

<META HTTP-EQUIV=Refresh
CONTENT="600;
URL=../jsp/UserMessage.jsp;jsessionid=To1071mC22961575233267228At?msgid=1001&grace=120;">

Since semi-colon marks the  end of URL, browser was not forwarding the 
jsessionid. If I copy the URL into browser manually, it works fine.

Q1. Is there a third way of session tracking? I remember reading somewhere 
about keeping an hidden <input> field with name="jsessionid" in the page.

Any help on this?

Q2. I guess tomcat doesn't support any other character in the place of 
semi-colon. Is there any way to escape this character in the META value?

Note: We need to use Javascript OFF per customer's requirements.

Thanks,
Sri


jsp/etrUserMessage.jsp;jsessionid=To1075mC2510161898001374At?msgid=1001&grac 
e=120


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>