tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Markus" <>
Subject RE: Apache, mod_jk and Tomcat looses sessions
Date Mon, 31 Jul 2006 21:31:14 GMT
Christopher Schultz wrote on Monday, July 31, 2006 10:08 PM:
> Markus,
>>>>> If the session is mandatory, I recommend changing:
>>>>>     request.getSession(false)
>>>>> to
>>>>>     request.getSession(true)
>>>> Thanks for your quick answer. The problem I want to solve is only to
>>>> create a session if it is really needed, so #redirectToURLWithSID is
>>>> a little bit more complicated that this.
>>> What is your definition of "is really needed"? I would say that NOT
>>> having a session is a good indication that you SHOULD create one. Am
>>> I missing the point?
>> Not having a session results in not sending cookies nor sids and thats
>> what I want, at least for pages where it isn't needed.
> Some part of your logic is missing: you do not have a case where it is
> known that you MUST create a session. Therefore, you never create a
> session. Your code tries and tries again (redirecting continuously) but
> never creates a session because you are not handling the case where you
> want to create one. You must create a session at some point: you're just
> not doing it.     

Hm, I don't understand your point. Take a look:

if (redirectToURLWithSID(request)) {
    String url = request.getRequestURI();
    url = response.encodeRedirectURL(url);

So I check in #redirectToURLWithSID if I need a session or not (which is
shortened in the example). I only redirect after creating a session via
request.getSession(true). There is no redirect without creating a session.

Beste Grüße / best regards Markus Meissner

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message