tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From shawn <>
Subject Re: session id's really unique?
Date Tue, 31 Dec 2002 01:11:40 GMT
Just to confirm,

If I send use RequestDispatcher.forward(request, response) and send it
to another context, that session will be newly managed under the new
context (or by the original context) and therefore there is no risk of
duplicate id's.

The other issue is to be patched.


Sorry to be paranoid. Can't help it though.

On Mon, 2002-12-30 at 23:58, Glenn Olander wrote:
> You run the risk of getting duplicate session id's. However, across 
> contexts you'll have
> separate Managers, and therefore different sets of sessions. So, you 
> don't run the risk
> of one context gaining access to another context's sessions.
> The risk is the one discussed in the other session id thread where if 
> you get duplicate
> session id's in the same context. Then you've got serious problems.
> shawn wrote:
> >If I use RequestDispatcher.forward(request, response) to another context
> >am I running the risk of session id conflicts?  
> >
> --
> To unsubscribe, e-mail:   <>
> For additional commands, e-mail: <>
shawn <>

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message