combination of contexts and/or virtual hosts to get both behaviors, but I've not tried it.
We kinda support the URL rewriting in a deprecated "because we have to" kind of way. Its not something
normally recommended.
David Cooper wrote:
Thanks and I appreciate the caveat about security. The URLs that have a session id in them are all internal URL's that will never be sent over the internet to a client.
Having said that I need JBoss to support both request with the URL in them and requests where the JSESSIONID is stored in a cookie. Will the setting you suggest changing switch between the two methodologies or with TOMCAT do I have to make an either/or choice about where the session id's are store?
Thanks, David
----- Original Message ----- From: <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, March 15, 2005 8:42 PM
Subject: Re: [Juglist] Session tracking with JBoss behind a PHP site
phpThat JSESSIONID are you putting that in the URL or in a cookie. So if you put it in a URL its not secure and can never be secure and I can hack you with ethereal but if this is local then maybe not a big deal. You just need to enable url rewriting in tomcat.
ModRewrite can do cookie mangling, not sure if there is a way to store the cookie in PHP or something.
jboss-4.0.1/server/default/deploy/jbossweb-tomcat50.sar/server.xml
<DefaultContext cookies="true" crossContext="true" override="true"/>
make it say
<DefaultContext cookies="false" crossContext="true" override="true"/>
However don't say I didn't warn you.
David Cooper wrote:
I have a site built with PHP 4.3 that sends requests to a JBoss j2ee
application using either the include() or the virtual() functions from
theland. Each request from a .php file seems to get a new http session in
hookJBoss 4.x server.
I thought if I passed the JSESSSIONID in on an http request that would
Itup the request from the PHP engine to the session in the JBoss domain.
requestsimply doesn't seem to work. Even with the JSESSIONID set on each
file.there seems to be a new session created for each request from a .php
whichIf I know the session id shouldn't I be able to communicate to JBoss
<[email protected]>session to use as the context for my request?
Thanks, David Cooper
----- Original Message ----- From: "Richard O. Hammer" <[EMAIL PROTECTED]>
To: "Research Triangle Java User's Group mailing list."
Sent: Sunday, March 13, 2005 10:36 PM Subject: Re: [Juglist] website
[EMAIL PROTECTED] wrote:
anyone know what is up with the website lately? it seems to be down a
lot.
During the last few months, I have noticed that I often get server errors when accessing the TriJUG.org website. These errors seem to occur at random, unpredictable times, and seem to happen for any page requested in the whole site. But I always succeed eventually when I try again later, after a minute or five minutes. I guess it is something happening on the server, unrelated to the content or programming of our website.
Rich Hammer
_______________________________________________ Juglist mailing list [email protected] http://trijug.org/mailman/listinfo/juglist_trijug.org
_______________________________________________ Juglist mailing list [email protected] http://trijug.org/mailman/listinfo/juglist_trijug.org .
_______________________________________________ Juglist mailing list [email protected] http://trijug.org/mailman/listinfo/juglist_trijug.org
_______________________________________________ Juglist mailing list [email protected] http://trijug.org/mailman/listinfo/juglist_trijug.org .
_______________________________________________ Juglist mailing list [email protected] http://trijug.org/mailman/listinfo/juglist_trijug.org
