tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Charles P. Killmer" <charl...@netgaintechnology.com>
Subject RE: Session ID's
Date Tue, 02 Aug 2005 17:07:42 GMT
Thanks.  I will take a look through this.

Charles 

-----Original Message-----
From: Bernhard Slominski [mailto:bernhard.slominski@zooplus.com] 
Sent: Tuesday, August 02, 2005 10:33 AM
To: 'Tomcat Users List'
Subject: AW: Session ID's

Some small addition:
URL Rewriting is only used when cookies are switched off.
>>From the Servlet Spec:

SRV.7.1.3 URL Rewriting
URL rewriting is the lowest common denominator of session tracking. When a client will not
accept a cookie, URL rewriting may be used by the server as the basis for session tracking.
URL rewriting involves adding data, a session ID, to the URL path that is interpreted by the
container to associate the request with a session.
The session ID must be encoded as a path parameter in the URL string. The name of the parameter
must be jsessionid. Here is an example of a URL containing encoded path information:
http://www.myserver.com/catalog/index.html;jsessionid=1234

SRV.7.1.4 Session Integrity
Web containers must be able to support the HTTP session while servicing HTTP requests from
clients that do not support the use of cookies. To fulfill this requirement, Web containers
commonly support the URL rewriting mechanism.

Bernhard

> -----Urspr√ľngliche Nachricht-----
> Von: Charles P. Killmer [mailto:charlesk@netgaintechnology.com]
> Gesendet: Dienstag, 2. August 2005 17:03
> An: Tomcat Users List
> Betreff: RE: Session ID's
> 
> 
> I was hoping there was a configuration setting that would tack the 
> session id onto every hyperlink at runtime, much as PHP does.
> 
> Charles
> 
> -----Original Message-----
> From: Derrick Koes [mailto:Derrick_Koes@skillsoft.com]
> Sent: Tuesday, August 02, 2005 9:20 AM
> To: Tomcat Users List
> Subject: RE: Session ID's
> 
> Use HttpServletResponse.encodeURL(String url)
> 
> -----Original Message-----
> From: Charles P. Killmer [mailto:charlesk@netgaintechnology.com]
> Sent: Tuesday, August 02, 2005 10:04 AM
> To: Tomcat Users List
> Subject: Session ID's
> 
> Is there a configuration setting such that every local URL will be 
> encoded with a session id if one is present?  I have developed a site 
> that uses cookies to hold the session id and am getting complaints 
> from users that do not have cookies enabled.
>  
> Thanks
> Charles
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message