-----------------------------
Please read the FAQ!
<http://java.apache.org/faq/>
-----------------------------
"Craig R. McClanahan" wrote:
> > I have been looking through the archives of this list and noticed that
> > some people have been having trouble with Netscape and session cookies,
> > but did not see a solution.
> >
> > Since I have now encountered the same problem, I was wondering if anyone
> > had sorted this out, or at least identified the bug.
> >
> > Here is the actual problem.
> >
> > I have one servlet that creates a session then redirects to another
> > servlet. The next servlet, instead of finding the already created
> > session, creates a new one.....every time (with NS, not with IE). As a
> > result, session data that is set in servlet1 is not available to servlet
> > 2. Quite annoying really. Of course, the SessionExample that comes with
> > JSDK works fine.
> >
> > Anyway, I am _extremely_ interested in getting a solution to this
> > problem. It is clear to me that it is an issue with the way Netscape
> > handles cookies and possibly something to do with redirects.
> >
> > To answer some of the questions that were raised in earlier posts.
> > 1. req.getSession(true) is the first thing called in the servlets
> > 2. Both (all) servlets are in the same zone
> > 3. Server Version: Apache/1.3.6 (Unix) ApacheJServ/1.0 mod_ssl/2.3.5
> > OpenSSL/0.9.3a
> >
> > If someone knows the cause of this problem, please let me know, so that
> > I can try and find a solution. Better still, if someone has the
> > solution.....
> >
> > Grant Jennings
> > Netnation
> >
>
> I'm not *positive* I am remembering this right, but I think I read that
> Netscape might not forward cookies that were sent along with a redirect
> request to the new destination. Given this browser behavior, the only way
> to reliably maintain session state would be URL rewriting.
>
> In Apache JServ 1.0, there is no way to force the use of URL rewriting if
> the client browser has cookies on. A new configuration option has been
> added (and will be part of the upcoming 1.0.1 release) to let you disable
> the use of cookies for session management if you want to.
>
> Craig McClanahan
>
There must be more to it than that. I rewrote the start page so that it sends
a page back instead of using redirect but the cookie still doesn't want to
stick. I ended up getting around it by bundling up all the session information
(not much at this point) into the query string of the URL. The next page it
hits, manages to make the cookie stick.......weird. It is a very ugly
(temporary) solution until the next version of jserv, where I will definitely
turn cookie session management off.
Gj
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
