tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mitch Claborn <mi...@claborn.net>
Subject Re: JSESSIONID cookie permanent?
Date Wed, 12 Aug 2009 22:27:35 GMT
I was able to get the cookie permanent with a simple valve, code below.

Question:  the new cookie will be ignored if the response has already
been "committed" (isCommitted()).  In my brief testing, the new cookie
is being set, so the response must not be committed.  Is it possible
that there might be times when the response IS committed when my valve
is invoked, causing the new cookie to be ignored?


  public void invoke(Request request, Response response) throws
IOException, ServletException {
    getNext().invoke(request, response);
    for (Cookie c : response.getCookies()) {
      if (Globals.SESSION_COOKIE_NAME.equals(c.getName())) {
        Cookie l_new = (Cookie) c.clone();
        l_new.setMaxAge(Integer.MAX_VALUE);
        response.addCookie(l_new);
      }
    }
  }


Mitch Claborn
972-954-7341
mitch@claborn.net




Len Popp wrote:
> It comes up all the time. The solution is typically to use a separate
> cookie and *not* tie the persistent data to the browser session, since
> the browser session is transient.
> --
> Len
>
>
> On Wed, Aug 12, 2009 at 14:54, Mitch Claborn <mitch@claborn.net> wrote:
>   
>> If I can't find a another way that's what I'll have to do.  I would be
>> surprised that this need doesn't come up more frequently.
>>
>> Mitch
>>
>> David Smith wrote:
>>     
>>> Your best bet is to assign your own cookie.  Then on new session
>>> creation, look for the cookie and repopulate the new session with
>>> shopping cart data.
>>>
>>> --David
>>>
>>> Mitch Claborn wrote:
>>>
>>>       
>>>> My usage is:  I store the key to the user's shopping cart in the
>>>> session.  I'd like the user to be able to come back a few days from now
>>>> and still find the items they have placed in their shopping cart.  (This
>>>> is mostly for anonymous users who don't sign in until checkout.)
>>>>
>>>> Mitch
>>>>
>>>>
>>>> Martin Gainty wrote:
>>>>
>>>>
>>>>         
>>>>> anyone know if there is a use-case for sessionId surviving end-of-session?
>>>>>
>>>>> Martin Gainty
>>>>> ______________________________________________
>>>>> Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
>>>>>
>>>>> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung
einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen
und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
>>>>> Ce message est confidentiel et peut être privilégié. Si vous n'êtes
pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur.
N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert
à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant
donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter
aucune responsabilité pour le contenu fourni.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>           
>>>>>> Date: Wed, 12 Aug 2009 12:43:11 -0500
>>>>>> From: mitch@claborn.net
>>>>>> To: users@tomcat.apache.org
>>>>>> Subject: JSESSIONID cookie permanent?
>>>>>>
>>>>>> Is there a way to make the JSESSIONID cookie issued by Tomcat permanent,
>>>>>> or at least significantly longer life than "end of session" ?
>>>>>>
>>>>>> Mitch
>>>>>>
>>>>>>
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>             
>>>>> _________________________________________________________________
>>>>> Get back to school stuff for them and cashback for you.
>>>>> http://www.bing.com/cashback?form=MSHYCB&publ=WLHMTAG&crea=TEXT_MSHYCB_BackToSchool_Cashback_BTSCashback_1x1
>>>>>
>>>>>
>>>>>
>>>>>           
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>>
>>>>
>>>>         
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>>
>>>       
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>     
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>   

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message