Marco,
Didi you find a solution for this, if so, care to share it with the rest of us?
Marco M <[EMAIL PROTECTED]> on 08/16/2000 12:13:14 PM
Please respond to A mailing list about Java Server Pages specification and
reference <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
cc: (bcc: Shaheen Hussain/AMS/AMSINC)
Subject: Re: url rewriting for sessions
hi
please discard my previous message
regards
marco
> -----Original Message-----
> From: EXT Marco M [mailto:[EMAIL PROTECTED]]
> Sent: 16. August 2000 12:19
> To: [EMAIL PROTECTED]
> Subject: Re: url rewriting for sessions
>
>
> hi Hendrik,
> thanx for the reply
> but the problem now is that i don't know what to do with the id of the
> session
> since the interface HttpSessionContext is deprecated
> so..i have to go back and forth from JSP to servlet.. and
> store all the
> session (with relative ids) in an Hashtable in the Servlet
> do u have any other possible solutions??
> thanx in advance & regards
> marco
>
> > -----Original Message-----
> > From: EXT Hendrik Schreiber [mailto:[EMAIL PROTECTED]]
> > Sent: 16. August 2000 11:59
> > To: [EMAIL PROTECTED]
> > Subject: Re: url rewriting for sessions
> >
> >
> > Hi!
> >
> > URL rewriting means that a URL in a page, that your JSP or
> > servlets produces, is
> > encoded with the method response.encodeURL(String yourURL).
> >
> > So in a JSP instead of writing:
> > <a href="someURL">target</a>
> >
> > you should write:
> > <a href="<%=response.encodeURL("someURL")%>">target</a>
> >
> > pretty much the same applies to servlets.
> >
> > And that is exactly the limitation: you have to rewrite every
> > single URL you
> > produce!
> > The session id is sent back from the client to the server by
> > clicking on the
> > encoded link.
> > Contrary to Cookies, URL rewriting does not make use of headers.
> >
> > If you want to make sure everybody out there shall be able to
> > use your application,
> > use URL rewriting where necessary (see
> > request.isRequestedSessionIdFromURL() and
> > request.isRequestedSessionIdFromCookie()).
> >
> > If you don't want to go through the hassle, just use cookies
> > and tell you users to
> > accept them. IMHO they are absolutely no scurity risk.
> >
> > -hendrik
> > - - - - - - - - - - - - - - - - - - - - - - - - - - -
> > tagtraum industries http://www.tagtraum.com/
> > jo! small&smart 2.2 servletengine
> > Java Server & Servlets The web-application book
> > The WebApp Framework http://www.webapp.de/
> >
> >
> >
> > Joe Hanink wrote:
> >
> > > Questions about URL Rewriting:
> > >
> > > what exactly is this and how is it done?
> > > what does the server do, and what is programmed?
> > >
> > > i've read that sessions tied to cookies can fail due to
> client side
> > > settings. url-rewriting was indicated as the workaround.
> > >
> > > do you build an adapted url or is it automated by some setting?
> > > does the client app pass its session id with every request,
> > via some header?
> > >
> > > finally, what are the limitations of url-rewriting... that
> > is, what are the
> > > failure modes (e.g. user clicks back button?)
> > >
> > >
> > ==============================================================
> > =============
> > > To unsubscribe: mailto [EMAIL PROTECTED] with body:
> > "signoff JSP-INTEREST".
> > > Some relevant FAQs on JSP/Servlets can be found at:
> > >
> > > http://java.sun.com/products/jsp/faq.html
> > > http://www.esperanto.org.nz/jsp/jspfaq.html
> > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> >
> > ==============================================================
> > =============
> > To unsubscribe: mailto [EMAIL PROTECTED] with body:
> > "signoff JSP-INTEREST".
> > Some relevant FAQs on JSP/Servlets can be found at:
> >
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
>
> ==============================================================
> =============
> To unsubscribe: mailto [EMAIL PROTECTED] with body:
> "signoff JSP-INTEREST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
