tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jon Wingfield <>
Subject Re: isRequestedSessionIdFromURL() returns false
Date Thu, 16 Jun 2005 16:34:03 GMT
Something like this maybe:

String url = request.getRequestURL().toString();
if (url.indexOf("jsessionid")>-1
     && url.indexOf(request.getRequestedSessionId())>-1) {
     // do redirect


Michael Jouravlev wrote:
> If both methods return true, they would identify the first request
> after session has been established with browser which supports
> cookies. I try to keep GET requests clean to encourage browser to keep
> its page history from growing. When I detect this request, I perform a
> redirect to the same location to clean URL up. After redirection URL
> will be clean, because session ID will be contained in cookie only. I
> need to do this only once.
> With isRequestedSessionIdFromURL() returning false I cannot do what I
> need :-( Any ideas?
> Michael.
>>Interesting question.
>>The Servlet 2.3 spec says:
>>public boolean isRequestedSessionIdFromURL()
>>Checks whether the requested session ID came in as part of the request URL.
>>Returns: true if the session ID came in as part of a URL; otherwise,
>>I would interpret it this way: if the session id, which should be used
>>was extracted from the URL, then return true.
>>If however the cookie contains the same id and was checked first (which
>>is default I think) then the requested session id came from the cookie!
>>Imagine what would happen if always both would be checked and URL and
>>cookie would contain 2 different ids.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message