----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files. Don't make us guess your problem!!!
----------------------------------------------------------------
Hi,
Please look at the
HttpServetResponse.encodeUrl(String) and encodeRedirectUrl(String) method.
You have to be sure that every link will be encoded to have the session ID
appended
at the end of it.
Hope it helps,
Andras.
----- Original Message -----
From: Otis Gospodnetic <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 23, 2000 3:04 AM
Subject: session.useCookies=false not working
> ----------------------------------------------------------------
> BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> WHEN YOU POST, include all relevant version numbers, log files,
> and configuration files. Don't make us guess your problem!!!
> ----------------------------------------------------------------
>
> Hi,
>
> I'm having trouble with 'session.useCookies=false' config options.
>
> If set to true JServ will use cookies for session tracking.
> If set to false it stops using cookies, but it doesn't use URL rewriting
> either :(
> Do I have to change anything in my java servlets to get it to work or
shold
> the config change be sufficient?
>
> The reason I would like to turn cookies off is because I'm trying to use a
> handheld/wireless device (Palm VII) to access the server, and those
devices
> are apparently on diet and don't eat cookies :(
>
> I have this scenario (maybe this particular scenario has something weird
in
> it):
>
> 1. login page - user enters username + password
> 2. 'Auth' servlet is executed, if username + password are successful it
> creates a session, sticks something in it, and redirects the user to the
> next servlet (Servlet2 is this example):
>
> Cookie cookie = new Cookie("username",username);
> res.addCookie(cookie);
> HttpSession session = req.getSession(true);
> session.putValue(session.getId(), new Foo);
> try
> {
>
> res.sendRedirect(res.encodeRedirectUrl("/servlets/Servlet2"));
> return null;
> }
> catch (IOException ioe) {}
>
> 3. Servlet2 makes sure that the user went through authentication by doing
> this:
>
> HttpSession session = req.getSession(false);
> System.err.println("SESSION: " + session); // PROBLEM right here -
> session is always null :(
> if (session == null)
> {
> try
> {
> res.sendRedirect(res.encodeRedirectUrl(loginURL));
> return null;
> }
> catch (IOException ioe) {}
> }
> else { // session exists, continue with servlet execution }
>
>
> This works fine if I have 'session.useCookies=true', but does not work
> (session in Servlet2 is _always_ null) if I have
'session.useCookies=false'
> in the .properties file of this servlet zone.
>
> I'm looking at the Apache log and I don't see any URLs being rewriten (I
see
> http://...../servlets/Servlet2 being executed, and there are no
> sessionId-like params appended to the servlet.
>
>
> I'm running the latest JServ (1.1 Final) on Linux with Apache 1.3.11
>
> Any help would be _much_much_much_ appreciated!
> Thank you,
>
> Otis
> P.S.
> Sorry if you get this message twice - I sent it first to java-apache
mailing
> list, and then realized that that is more of a dev. list.
>
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Archives and Other: <http://java.apache.org/main/mail.html>
> Problems?: [EMAIL PROTECTED]
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
