I have a site which stores user profile in HttpSession after user gets in
supplying user id and password.
I need to provide some client site batch operation on the site using standalone
java client.
I remember old servlet spec which allowed you to embed session ID into URL if
there is no way to use cookies to handle HttpSession.
The scenario is:
1. My client java program creates HttpURLConnection for the site login response
URL with valid user ID and password.
2. Then client gets HTML response proving successful login. According to the
application logic a new session has been created and client receives
"Set-Cookie" response header with some value like
"JSESSIONID=BGDBPNFMPDGO; Path=/".
3. Assuming JSESSIONID is a name Orion wants to identify session id I include
JSESSIONID=BGDBPNFMPDGO into query string for my next client request.
4. Client gets HTML response such as in case session was not established yet -
new session has been created.
So, Orion does not recognize "JSESSIONID=BGDBPNFMPDGO" in request pointing to
existing HttpSession.
Am I missing something obvious ? Or it might be some time/racing issues ?
I need thins functionality very much. Any help would be greatly appreciated
Thanks
~boris
