Thanks I already thinked about that. On Sunday I will set this config. But what about to find another solution like Hotmail.com.
I think other will people will need another solution. Sometimes we cannot know if the users are behind a proxy or not. Thanks in advance, Antonio Gallardo. Christoph Gaffga dijo: > Hi, > >> I think that this can be done because the proxy is returning a cached >> page from another user. Because the request has the same URI from >> every user (as long as I can see). The request URI does not have info >> about sessions. > > If you are behind a proxy maybe you can configure it not to cache urls > at http://internalserver:8080/theapp/. > Or it helps if you do > response.setHeader("Cache-Control", "No-Cache"); > > yours > Christoph Gaffga > [EMAIL PROTECTED] > > ----- Original Message ----- > From: "Antonio Gallardo" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Saturday, November 30, 2002 9:32 AM > Subject: [Authentication] - Generate javascript using XSP > > >> Hi Cococoners! >> >> I am currently an application that is currently running on a test mode >> with a small amount of users (20) in a Intranet environment. With the >> following characteristics: >> >> The application is running behind a proxy. >> The app use the authentication framework. >> The app have a page called welcome that show the current user. >> >> I am currently having problem with session management: >> >> The users told me that sometimes when they are already authenticated >> and request the welcome page, the response present another user. >> >> The page is called with http://internalserver:8080/theapp/welcome >> >> I think that this can be done because the proxy is returning a cached >> page from another user. Because the request has the same URI from >> every user (as long as I can see). The request URI does not have info >> about sessions. But I read in the book from Carsten and Mathhew on >> page 303 (second paragraph from the end): >> >> "The default is usually to use cookies, because the developer of the >> web application does not need to do anything special to use them. ..." >> >> Please Dont let me wrong. I now that the problem is caused by me. :-D >> >> The menu of the application is a static Javascript file served with a >> reader. This file hs no info about sessions. Now I realized that in >> order to "set" a session into the request I need to include a >> parameter with the SessionID for every request. I does not include it >> before because the quote above. >> >> With this scenario my questions is: >> >> How I can ensure that every request URI from the user will have the >> SessionID included or use the default cookies? >> >> For me this is not a trivial question, because: >> >> I thinked first: "OK, I will generate the menu.js on ther fly using >> XSP." >> >> But after think a while I realized that this issue will fall again in >> the same category as the http://internalserver:8080/theapp/welcome >> explained above. :-( >> >> Please tell me what can I do? >> >> I am currently thinking in calling the menu.js with the sessionID too. >> >> This will work or there is another easier way to do that? >> >> Many thanks in advance, >> >> Antonio Gallardo. >> >> >> >> >> --------------------------------------------------------------------- >> Please check that your question has not already been answered in the >> FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> >> >> To unsubscribe, e-mail: <[EMAIL PROTECTED]> >> For additional commands, e-mail: <[EMAIL PROTECTED]> >> > > > --------------------------------------------------------------------- > Please check that your question has not already been answered in the > FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> > > To unsubscribe, e-mail: <[EMAIL PROTECTED]> > For additional commands, e-mail: <[EMAIL PROTECTED]> --------------------------------------------------------------------- Please check that your question has not already been answered in the FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> To unsubscribe, e-mail: <[EMAIL PROTECTED]> For additional commands, e-mail: <[EMAIL PROTECTED]>
