Re: [Juglist] Session tracking with JBoss behind a PHP site

Tue, 15 Mar 2005 17:52:43 -0800

That JSESSIONID are you putting that in the URL or in a cookie. So if you put it in a URL its not
secure and can never be secure and I can hack you with ethereal but if this is local then maybe not a
big deal. You just need to enable url rewriting in tomcat.

ModRewrite can do cookie mangling, not sure if there is a way to store the cookie in PHP or something.

jboss-4.0.1/server/default/deploy/jbossweb-tomcat50.sar/server.xml

<DefaultContext cookies="true" crossContext="true" override="true"/>

make it say


<DefaultContext cookies="false" crossContext="true" override="true"/>

However don't say I didn't warn you.

David Cooper wrote:

I have a site built with PHP 4.3 that sends requests to a JBoss j2ee
application using either the include() or the virtual() functions from php
land.  Each request from a .php file seems to get a new http session in the
JBoss 4.x server.

I thought if I passed the JSESSSIONID in on an http request that would hook
up the request from the PHP engine to the session in the JBoss domain.  It
simply doesn't seem to work.  Even with the JSESSIONID set on each request
there seems to be a new session created for each request from a .php file.

If I know the session id shouldn't I be able to communicate to JBoss which
session to use as the context for my request?

Thanks,
David Cooper


----- Original Message ----- From: "Richard O. Hammer" <[EMAIL PROTECTED]>
To: "Research Triangle Java User's Group mailing list." <[email protected]>
Sent: Sunday, March 13, 2005 10:36 PM
Subject: Re: [Juglist] website




[EMAIL PROTECTED] wrote:


anyone know what is up with the website lately? it seems to be down a


lot.


During the last few months, I have noticed that I often get server
errors when accessing the TriJUG.org website.  These errors seem to
occur at random, unpredictable times, and seem to happen for any page
requested in the whole site.  But I always succeed eventually when I try
again later, after a minute or five minutes.  I guess it is something
happening on the server, unrelated to the content or programming of our
website.

Rich Hammer

_______________________________________________
Juglist mailing list
[email protected]
http://trijug.org/mailman/listinfo/juglist_trijug.org





_______________________________________________
Juglist mailing list
[email protected]
http://trijug.org/mailman/listinfo/juglist_trijug.org
.





_______________________________________________
Juglist mailing list
[email protected]
http://trijug.org/mailman/listinfo/juglist_trijug.org

Reply via email to