tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Delbecq <>
Subject Re: URL rewriting For Session Tracking
Date Thu, 04 Jan 2007 15:24:53 GMT

En l'instant précis du 01/04/07 16:04, Caldarale, Charles R s'exprimait
dans toute sa noblesse:
>> From: Christopher Schultz [] 
>> Subject: Re: URL rewriting For Session Tracking
>> I think you are misinterpreting the OP's question... I think 
>> he wants to /force/ the use of URL rewriting to include the
>> jsessionid. In that case, he /must/ run all his links through 
>> HttpServletResponse.encodeURL.
> So setting cookies="false" in the <Context> element isn't sufficient?
no, setting cookies=false just disable session tracking using cookies.
Proper link to your webapplication should travel inside encodeUrl() at
some point before rendering it to outputstream. Most tag that output
urls are doing it internally (<struts:link/>, <c:url/> amongst other are
doing it)
> (Assuming a session has been created via request.getSession(true), of
> course.)  I haven't tried it, but that's the implication I got from
> reading the doc.  
Strange, reading the doc i see this " Set to false if you want to
disable the use of cookies for session identifier communication, and
rely only on URL rewriting by the application. ". That is clear, if you
set to false, you must use url rewriting in your application to track
session identifier. Setting cookies to false won't magically parse all
your pages to add session identifier. (See J2EE specifications for details)
> What does cookies="false" actually do, then?
It disables use of cookies for session tracking
> To step back a little: why would it be important to use URL encoding to
> track sessions rather than do it with cookies?

1) not everyone has cookies enabled in their browser
2) in some cases it can be useful to have 2 sessions in same browser
(something you can't do with cookies)

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message