tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken Bowen <kbo...@als.com>
Subject Re: jsessionid on EXACTLY the 2nd request?
Date Mon, 04 Jan 2010 22:51:55 GMT
Thanks Mark.  That cleared it up for me:

Re:  a) look at the html source of the responses and/or look at the  
URLs for
>
> the links you are clicking on before you click on them.

That's the trick.  The source for that (in a JSP) looks like:

<a href= <%=response.encodeURL ( "anotherPage.jsp" )%>   
class="top_parent">Another Page</a>

And when I hover over that link, the Browser footer shows that the  
request includes the attached jsessionid.

Cheers,
Ken


On Jan 4, 2010, at 5:15 PM, Mark Thomas wrote:

> On 04/01/2010 21:43, Ken Bowen wrote:
>> I'm not sure about that.
>
> Run through your test again, but this time:
> a) look at the html source of the responses and/or look at the URLs  
> for
> the links you are clicking on before you click on them.
>
>>  Here's what seems to me to be the sequence of
>> events:
>>
>> Browser sends initial request  http://myapp.com
>>        Tomcat creates session and generates page for this request.
>>        Tomcat doesn't know that Browser supports cookies, so it  
>> should
>> append jsessionid (but doesn't ??)
>
> Nope. The URL displayed in the address bar is the one you requested.  
> You
> should also take a look at the links in the html source at this point.
>
>> Browser get's Tomcat response & display's page with address:
>> http://myapp.com
>
> Correct.
>
>> Browser creates JSESSIONID cookie (using info supplied by Tomcat in
>> response):
>> Cookie has contents:    4E4F86E5B779F43BCA7895B8A554FDCD
>> -----
>> Browser makes  2nd request, for http://myapp/anotherPage.  Browser  
>> must
>> definitely by now be stating that it supports cookies.
>
> Correct. But look at the URL for the link you click on at this point.
>
>>         Tomcat prepares response, adding jsessionid (why?),
>
> Nope. Again, the URL in the address bar is the URL you requested. It  
> is
> not part of the response.
>
>> the SAME
>> jsessionid as in the cookie: 4E4F86E5B779F43BCA7895B8A554FDCD
>> Browser displays response with jsessionid showing in address bar.
>
> Correct.
>
>> ----
>> More interactions,  but no more jsessionid's.....
>
> Correct.
>
> Mark
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message