tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <funk...@joedog.org>
Subject Re: what is the rule of added jsession into the url or cookie?
Date Tue, 13 May 2003 11:27:15 GMT
URLS will be rewritten if ...
- The incoming request does not have a session cookie
- Every url is rewritten with the encodeUrl wrappers

The encodeUrl will not rewrite urls if:
- A valid session was already received in a cookie
- The URL is not absolute (with server name)

This only holds true (if the above is correct) for tomcat. Any other engine 
can do differently. (As long as they comply with the spec)

-Tim

Keith Cheng wrote:
> Hi all,
> 
> I am confuse about where does Tomcat put the jsession, url or cookie?
> 
> I know that if the "privacy" has been set to the highest one, i.e. 
> blocks all
> cookie, Tomcat will put the jsession into url.  For normal cases 
> (medium
> privacy settings and cookie should be allowed), however, I found that 
> Tomcat
> sometimes puts jsession into cookie and sometimes it puts it in the url 
> with
> the same browser, same setting.
> 
> Does anyone have similar observation?
> 
> One more question: if I see "jsession" in the url, does it mean that 
> Tomcat
> will NOT put the jsession in "cookie", or it will still put the same 
> "jsession"
> into cookie if it can?
> 
> I am using Tomcat 4.1.12 (actually is jboss-3.0.4_tomcat-4.1.12).
> 
> Thx!
> 
> Cheers,
> -- Keith Cheng
> 
> 
> _________________________________________________________
> ???(???),????(???),??(???)...
> Yahoo! ????
> http://ringtone.yahoo.com.hk
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message