subject:"RE\: how to disable \(or work around\) jsessionid in html\:img sources"

Re: how to disable (or work around) jsessionid in html:img sources

2003-11-13 Thread Brice Ruth

Btw, Kris - I just had to make use of this code that you provided, and 
it works perfectly. Sweet!

Kris Schneider wrote:

If you can accomplish what you want via Apache rewrite rules, that seems like a
simpler solution. If that doesn't work out, here's a JSP/JSTL equivalent of how
 comes up with the module path:
<%@ page import="org.apache.struts.Globals" %>
<%@ taglib prefix="c"uri="http://java.sun.com/jstl/core"; %>
<%@ taglib prefix="c_rt" uri="http://java.sun.com/jstl/core_rt"; %>




   


">

Quoting dutrieux <[EMAIL PROTECTED]>:

 

Maybe you can try, But I think the impacts is all pages send to apache 
then all virtualhosts defiend by the mod_jk.

Ruth, Brice a écrit :

   

Is this something I can do at a global level, so that it impacts all 
virtualhosts defined by the mod_jk auto configuration file generated 
by Tomcat's connector?

dutrieux wrote:

 

Hello

For Apache v3.x you need to put in "httpd.conf" file this entry :

RewriteRule ^(.*);jsessionid=.*$ $1 [L]

Best regards

Olivier Dutrieux
*
*
Ruth, Brice a écrit :
   

Ruth, Brice wrote:

 

Hi. I'm using html:img in certain tiles that are used from very 
different places in my application with the "page" attribute to 
take advantage of module-relative naming for the image sources. 
However, when cookies aren't enabled, or on the first visit to the 
web application (with no session cookie having been previously 
detected), the ';jsessionid=X' gets added to the end of the image. 
Now, I'm not driving any dynamic images, nor do I intend to, so 
this sessionid is worthless to me. Furthermore - since I'm using 
Apache+Tomcat+mod_jk to serve this application, Apache seems to 
choke on serving up this image. I expect its because the sessionid 
is delimited by ';' instead of '?' as I'm used to, but maybe not.

Either way - does anyone know of a way to get around this? If 
possible, I'd prefer not having to do anything special in the 
Apache conf, mainly because I'm using the auto-generated mod_jk 
conf file for this configuration.

Thanks!

   

Any takers on this? This is kinda hosin' up my Apache/Tomcat setup 
... Tomcat standalone serves up the images fine with the jsessionid 
junk, but Apache doesn't!

 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
   

--


*Olivier Dutrieux*



Institut Pasteur
Informatique de gestion
&
Micro-Informatique
25-28 rue du Docteur Roux
75724 PARIS CEDEX 15

Tel: +33 (0) 1 40 61 31 62
Fax: +33 (0) 1 45 68 89 89

   

 

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Ruth, Brice

Craig R. McClanahan wrote:

Ruth, Brice wrote:

Seems strange that a rule would be set that breaks IETF standards, 
doesn't it? Or am I seeing this totally wrong?

In IETF standards terms, the session identifier is a *path* parameter, 
not a *query* parameter.  Such parameters can actually be added to any 
segment in the url ("http://foo.com/bar;baz=bop/ping;game=pong";), not 
just the last one.  Just because it is not common doesn't mean it's 
broken :-).

Craig McClanahan

Very true, very true. I'm just having a hard time understanding what 
Apache is supposed to *do* with this 'param' argument ... I've been 
doing web stuff for quite a while and I've never really run into this 
(which again, doesn't mean anything's broken, just because *I* haven't 
encountered it :)).

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Ruth, Brice

Craig R. McClanahan wrote:

Don't blame Tomcat's JK or JK2 connectors on me!  I don't have 
anything to do with them :-).

I've only ever been interested in the standalone Tomcat code (and, for 
work, the way that Tomcat gets integrated into Sun's web server and 
app server products).  In all of those cases, session identifiers work 
just fine.  So do servlet mappings and all the other features.

ISTR someone on TOMCAT-USER has posted a mod_rewrite rule that can 
deal with the jsessionid passthrough.
I have a mod_rewrite rule working now, but my problem is that the rule 
has to be specified in the VirtualHost definition for a site, and that 
VirtualHost definition is auto-generated by ApacheConfig on the Tomcat 
side, and there's no way to tell ApacheConfig to do this right ... so, 
right now, I have hand-edited the mod_jk.conf file generated by 
ApacheConfig, but I have to re-edit everytime Tomcat restarts (and 
rewrites that file).

Not an ideal situation, by any means :(

On a production server, I can see putting the Apache configuration in 
httpd.conf or some other file, all manually, without using ApacheConfig 
at all, but for dev and staging, that saves me a ton of time ...

Brice

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Craig R. McClanahan

James Mitchell wrote:

You know, in light of the fact that it may be standard and to the spec,
it's funny that most of the servlet containers that I use (Tomcat,
Resin, Jetty) don't recognize their own rewritten urls.
To me, that's just unacceptable.

 

Don't blame Tomcat's JK or JK2 connectors on me!  I don't have anything 
to do with them :-).

I've only ever been interested in the standalone Tomcat code (and, for 
work, the way that Tomcat gets integrated into Sun's web server and app 
server products).  In all of those cases, session identifiers work just 
fine.  So do servlet mappings and all the other features.

ISTR someone on TOMCAT-USER has posted a mod_rewrite rule that can deal 
with the jsessionid passthrough.

Someone with some influence (Craig? Remy?) might want to address this.

 

http://nagoya.apache.org/bugzilla

Craig



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Craig R. McClanahan

Ruth, Brice wrote:

Saul Q Yuan wrote:

-Original Message-
From: Ruth, Brice [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2003 9:32 AM
To: Struts Users Mailing List
Subject: Re: how to disable (or work around) jsessionid in html:img
sources
James Mitchell wrote:

A bit of history on this subject:

* From: Craig R. McClanahan
* Subject: Re: Why would jsessionid not appear?
* Date: Wed, 08 Aug 2001 12:09:26 -0700
The jsessionid path parameter will only be added if the servlet
container
does not know whether your client supports cookies.  How Tomcat

handles

this (probably typical of others):

* On the first response in a session, send the session id
both ways (cookie and encoding).
* If the subsequent request comes back with a cookie, turn
of URL rewriting for the remainder of this session.
* If the subsequent request comes back without a cookie,
keep on rewriting.
Craig

So, with that having been said, all you have to do is
tell all your users to hit refresh whenever they access
your site.
That way, all external links and images will work.

If you find that unacceptable, you could:

Move the contents of index.jsp to index2.jsp, then:

Put a meta refresh tag as your initial page (index.jsp).
  http://www.yoursite.com/index2.jsp";>
or

Add some javascript that sends the user to index2.jsp.
  (similar to above)
or

Use  or any number of ways in a scriptlet
to redirect to index2.jsp
On the Struts-Atlanta web site (http://www.struts-atlanta.org),
I take a slightly different approach.
At the top of my index.jsp, I do this:

What this does is refresh the page one time only.  This method works

for

me because I am not posting or processing any forms with this page

which

would not work correctly if I had.

Hope that helps.

Thanks, James.

Ignoring for the moment how these workarounds smack of "hack", this
doesn't solve the problem of people visiting the site w/o cookies
enabled. What I don't understand is why the delimiter ';' is being

used,

instead of the traditional '?' - which Apache wouldn't have a problem
stripping off and serving up the proper file with ...

That seems to be a rule in the Servlet specification on URL rewriting
for passing session info.
http://www.jcp.org/aboutJava/communityprocess/first/jsr053/servlet23_PFD
.pdf
Saul

Seems strange that a rule would be set that breaks IETF standards, 
doesn't it? Or am I seeing this totally wrong?

In IETF standards terms, the session identifier is a *path* parameter, 
not a *query* parameter.  Such parameters can actually be added to any 
segment in the url ("http://foo.com/bar;baz=bop/ping;game=pong";), not 
just the last one.  Just because it is not common doesn't mean it's 
broken :-).

Craig McClanahan

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread James Mitchell

You know, in light of the fact that it may be standard and to the spec,
it's funny that most of the servlet containers that I use (Tomcat,
Resin, Jetty) don't recognize their own rewritten urls.

To me, that's just unacceptable.

Someone with some influence (Craig? Remy?) might want to address this.


--
James Mitchell
Software Engineer / Struts Evangelist
http://www.struts-atlanta.org
678.910.8017
AIM:jmitchtx




> -Original Message-
> From: Kris Schneider [mailto:[EMAIL PROTECTED] 
> Sent: Thursday, October 23, 2003 12:01 PM
> To: Struts Users Mailing List
> Subject: Re: how to disable (or work around) jsessionid in 
> html:img sources
> 
> 
> The HTTP/1.0 spec defines a URI as:
> 
> ...
> rel_path = [ path ] [ ";" params ] [ "?" query ]
> ...
> 
> The Servlet spec states:
> 
> The session id must be encoded as a path parameter in the URL 
> string. The
> name of the parameter must be jsessionid.
> 
> Quoting "Ruth, Brice" <[EMAIL PROTECTED]>:
> 
> > Saul Q Yuan wrote:
> > 
> > >>-Original Message-
> > >>From: Ruth, Brice [mailto:[EMAIL PROTECTED]
> > >>Sent: Thursday, October 23, 2003 9:32 AM
> > >>To: Struts Users Mailing List
> > >>Subject: Re: how to disable (or work around) jsessionid 
> in html:img
> > >>sources
> > >>
> > >>James Mitchell wrote:
> > >>
> > >>
> > >>
> > >>>A bit of history on this subject:
> > >>>
> > >>>* From: Craig R. McClanahan
> > >>>* Subject: Re: Why would jsessionid not appear?
> > >>>* Date: Wed, 08 Aug 2001 12:09:26 -0700
> > >>>
> > >>>The jsessionid path parameter will only be added if the servlet
> > >>>container
> > >>>does not know whether your client supports cookies.  How Tomcat
> > >>>  
> > >>>
> > >handles
> > >  
> > >
> > >>>this (probably typical of others):
> > >>>
> > >>>* On the first response in a session, send the session id
> > >>> both ways (cookie and encoding).
> > >>>
> > >>>* If the subsequent request comes back with a cookie, turn
> > >>> of URL rewriting for the remainder of this session.
> > >>>
> > >>>* If the subsequent request comes back without a cookie,
> > >>> keep on rewriting.
> > >>>
> > >>>Craig
> > >>>
> > >>>
> > >>>
> > >>>So, with that having been said, all you have to do is
> > >>>tell all your users to hit refresh whenever they access
> > >>>your site.
> > >>>
> > >>>That way, all external links and images will work.
> > >>>
> > >>>If you find that unacceptable, you could:
> > >>>
> > >>>Move the contents of index.jsp to index2.jsp, then:
> > >>>
> > >>> Put a meta refresh tag as your initial page (index.jsp).
> > >>>> >>> content="2;URL=http://www.yoursite.com/index2.jsp";>
> > >>>
> > >>> or
> > >>>
> > >>> Add some javascript that sends the user to index2.jsp.
> > >>>   (similar to above)
> > >>>
> > >>> or
> > >>>
> > >>> Use  or any number of ways in a scriptlet
> > >>> to redirect to index2.jsp
> > >>>
> > >>>
> > >>>On the Struts-Atlanta web site (http://www.struts-atlanta.org),
> > >>>I take a slightly different approach.
> > >>>At the top of my index.jsp, I do this:
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>What this does is refresh the page one time only.  This 
> method works
> > >>>  
> > >>>
> > >for
> > >  
> > >
> > >>>me because I am not posting or processing any forms with 
> this page
> > >>>  
> > >>>
> > >which
> > >  
> > >
> > >>>would not work correctly if I had.
> > >>>
> > >>>Hope that helps.
> > >>>
> > >>>
> > >>>
> > >>>  
> > >>>
> > >>Thanks, James.
> > >>
> > >>Ignoring for the moment how these workarounds smack of 
> "hack", this
> > >>doesn't solve the problem of people visiting the site w/o cookies
> > >>enabled. What I don't understand is why the delimiter ';' is being
> > >>
> > >>
> > >used,
> > >  
> > >
> > >>instead of the traditional '?' - which Apache wouldn't 
> have a problem
> > >>stripping off and serving up the proper file with ...
> > >>
> > >>
> > >
> > >
> > >That seems to be a rule in the Servlet specification on 
> URL rewriting
> > >for passing session info.
> > >
> > 
> >http://www.jcp.org/aboutJava/communityprocess/first/jsr053/se
rvlet23_PFD
> >.pdf
> >
> >
> >Saul
> >
> >
> >  
> >
> Seems strange that a rule would be set that breaks IETF standards, 
> doesn't it? Or am I seeing this totally wrong?
> 
> -- 
> Brice D. Ruth
> Sr. IT Analyst
> Fiskars Brands, Inc.

-- 
Kris Schneider <mailto:[EMAIL PROTECTED]>
D.O.Tech   <http://www.dotech.com/>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Ruth, Brice

OK, so that looks like it makes sense, but why is Apache barfing on the 
'params', then? I can't imagine that Apache doesn't support the HTTP/1.0 
spec entirely.

Kris Schneider wrote:

The HTTP/1.0 spec defines a URI as:

...
rel_path = [ path ] [ ";" params ] [ "?" query ]
...
The Servlet spec states:

The session id must be encoded as a path parameter in the URL string. The
name of the parameter must be jsessionid.
Quoting "Ruth, Brice" <[EMAIL PROTECTED]>:

 

Saul Q Yuan wrote:

   

-Original Message-
From: Ruth, Brice [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2003 9:32 AM
To: Struts Users Mailing List
Subject: Re: how to disable (or work around) jsessionid in html:img
sources
James Mitchell wrote:

  

   

A bit of history on this subject:

* From: Craig R. McClanahan
* Subject: Re: Why would jsessionid not appear?
* Date: Wed, 08 Aug 2001 12:09:26 -0700
The jsessionid path parameter will only be added if the servlet
container
does not know whether your client supports cookies.  How Tomcat


 

handles

 

this (probably typical of others):

* On the first response in a session, send the session id
both ways (cookie and encoding).
* If the subsequent request comes back with a cookie, turn
of URL rewriting for the remainder of this session.
* If the subsequent request comes back without a cookie,
keep on rewriting.
Craig



So, with that having been said, all you have to do is
tell all your users to hit refresh whenever they access
your site.
That way, all external links and images will work.

If you find that unacceptable, you could:

Move the contents of index.jsp to index2.jsp, then:

Put a meta refresh tag as your initial page (index.jsp).
 http://www.yoursite.com/index2.jsp";>
or

Add some javascript that sends the user to index2.jsp.
 (similar to above)
or

Use  or any number of ways in a scriptlet
to redirect to index2.jsp
On the Struts-Atlanta web site (http://www.struts-atlanta.org),
I take a slightly different approach.
At the top of my index.jsp, I do this:






What this does is refresh the page one time only.  This method works


 

for

 

me because I am not posting or processing any forms with this page


 

which

 

would not work correctly if I had.

Hope that helps.





 

Thanks, James.

Ignoring for the moment how these workarounds smack of "hack", this
doesn't solve the problem of people visiting the site w/o cookies
enabled. What I don't understand is why the delimiter ';' is being
  

   

used,

 

instead of the traditional '?' - which Apache wouldn't have a problem
stripping off and serving up the proper file with ...
  

   

That seems to be a rule in the Servlet specification on URL rewriting
for passing session info.
http://www.jcp.org/aboutJava/communityprocess/first/jsr053/servlet23_PFD
.pdf
Saul



 

Seems strange that a rule would be set that breaks IETF standards, 
doesn't it? Or am I seeing this totally wrong?

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.
   

 

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Kris Schneider

The HTTP/1.0 spec defines a URI as:

...
rel_path = [ path ] [ ";" params ] [ "?" query ]
...

The Servlet spec states:

The session id must be encoded as a path parameter in the URL string. The
name of the parameter must be jsessionid.

Quoting "Ruth, Brice" <[EMAIL PROTECTED]>:

> Saul Q Yuan wrote:
> 
> >>-Original Message-
> >>From: Ruth, Brice [mailto:[EMAIL PROTECTED]
> >>Sent: Thursday, October 23, 2003 9:32 AM
> >>To: Struts Users Mailing List
> >>Subject: Re: how to disable (or work around) jsessionid in html:img
> >>sources
> >>
> >>James Mitchell wrote:
> >>
> >>
> >>
> >>>A bit of history on this subject:
> >>>
> >>>* From: Craig R. McClanahan
> >>>* Subject: Re: Why would jsessionid not appear?
> >>>* Date: Wed, 08 Aug 2001 12:09:26 -0700
> >>>
> >>>The jsessionid path parameter will only be added if the servlet
> >>>container
> >>>does not know whether your client supports cookies.  How Tomcat
> >>>  
> >>>
> >handles
> >  
> >
> >>>this (probably typical of others):
> >>>
> >>>* On the first response in a session, send the session id
> >>> both ways (cookie and encoding).
> >>>
> >>>* If the subsequent request comes back with a cookie, turn
> >>> of URL rewriting for the remainder of this session.
> >>>
> >>>* If the subsequent request comes back without a cookie,
> >>> keep on rewriting.
> >>>
> >>>Craig
> >>>
> >>>
> >>>
> >>>So, with that having been said, all you have to do is
> >>>tell all your users to hit refresh whenever they access
> >>>your site.
> >>>
> >>>That way, all external links and images will work.
> >>>
> >>>If you find that unacceptable, you could:
> >>>
> >>>Move the contents of index.jsp to index2.jsp, then:
> >>>
> >>> Put a meta refresh tag as your initial page (index.jsp).
> >>>>>> content="2;URL=http://www.yoursite.com/index2.jsp";>
> >>>
> >>> or
> >>>
> >>> Add some javascript that sends the user to index2.jsp.
> >>>   (similar to above)
> >>>
> >>> or
> >>>
> >>> Use  or any number of ways in a scriptlet
> >>> to redirect to index2.jsp
> >>>
> >>>
> >>>On the Struts-Atlanta web site (http://www.struts-atlanta.org),
> >>>I take a slightly different approach.
> >>>At the top of my index.jsp, I do this:
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>What this does is refresh the page one time only.  This method works
> >>>  
> >>>
> >for
> >  
> >
> >>>me because I am not posting or processing any forms with this page
> >>>  
> >>>
> >which
> >  
> >
> >>>would not work correctly if I had.
> >>>
> >>>Hope that helps.
> >>>
> >>>
> >>>
> >>>  
> >>>
> >>Thanks, James.
> >>
> >>Ignoring for the moment how these workarounds smack of "hack", this
> >>doesn't solve the problem of people visiting the site w/o cookies
> >>enabled. What I don't understand is why the delimiter ';' is being
> >>
> >>
> >used,
> >  
> >
> >>instead of the traditional '?' - which Apache wouldn't have a problem
> >>stripping off and serving up the proper file with ...
> >>
> >>
> >
> >
> >That seems to be a rule in the Servlet specification on URL rewriting
> >for passing session info.
> >
> >http://www.jcp.org/aboutJava/communityprocess/first/jsr053/servlet23_PFD
> >.pdf
> >
> >
> >Saul
> >
> >
> >  
> >
> Seems strange that a rule would be set that breaks IETF standards, 
> doesn't it? Or am I seeing this totally wrong?
> 
> -- 
> Brice D. Ruth
> Sr. IT Analyst
> Fiskars Brands, Inc.

-- 
Kris Schneider <mailto:[EMAIL PROTECTED]>
D.O.Tech   <http://www.dotech.com/>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Saul Q Yuan



> -Original Message-
> From: Ruth, Brice [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2003 11:27 AM
> To: Struts Users Mailing List
> Subject: Re: how to disable (or work around) jsessionid in html:img
> sources
> 
> Saul Q Yuan wrote:
> 
> >>-Original Message-
> >>From: Ruth, Brice [mailto:[EMAIL PROTECTED]
> >>Sent: Thursday, October 23, 2003 9:32 AM
> >>To: Struts Users Mailing List
> >>Subject: Re: how to disable (or work around) jsessionid in html:img
> >>sources
> >>
> >>James Mitchell wrote:
> >>
> >>
> >>
> >>>A bit of history on this subject:
> >>>
> >>>* From: Craig R. McClanahan
> >>>* Subject: Re: Why would jsessionid not appear?
> >>>* Date: Wed, 08 Aug 2001 12:09:26 -0700
> >>>
> >>>The jsessionid path parameter will only be added if the servlet
> >>>container
> >>>does not know whether your client supports cookies.  How Tomcat
> >>>
> >>>
> >handles
> >
> >
> >>>this (probably typical of others):
> >>>
> >>>* On the first response in a session, send the session id
> >>> both ways (cookie and encoding).
> >>>
> >>>* If the subsequent request comes back with a cookie, turn
> >>> of URL rewriting for the remainder of this session.
> >>>
> >>>* If the subsequent request comes back without a cookie,
> >>> keep on rewriting.
> >>>
> >>>Craig
> >>>
> >>>
> >>>
> >>>So, with that having been said, all you have to do is
> >>>tell all your users to hit refresh whenever they access
> >>>your site.
> >>>
> >>>That way, all external links and images will work.
> >>>
> >>>If you find that unacceptable, you could:
> >>>
> >>>Move the contents of index.jsp to index2.jsp, then:
> >>>
> >>> Put a meta refresh tag as your initial page (index.jsp).
> >>>>>> content="2;URL=http://www.yoursite.com/index2.jsp";>
> >>>
> >>> or
> >>>
> >>> Add some javascript that sends the user to index2.jsp.
> >>>   (similar to above)
> >>>
> >>> or
> >>>
> >>> Use  or any number of ways in a scriptlet
> >>> to redirect to index2.jsp
> >>>
> >>>
> >>>On the Struts-Atlanta web site (http://www.struts-atlanta.org),
> >>>I take a slightly different approach.
> >>>At the top of my index.jsp, I do this:
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>What this does is refresh the page one time only.  This method
works
> >>>
> >>>
> >for
> >
> >
> >>>me because I am not posting or processing any forms with this page
> >>>
> >>>
> >which
> >
> >
> >>>would not work correctly if I had.
> >>>
> >>>Hope that helps.
> >>>
> >>>
> >>>
> >>>
> >>>
> >>Thanks, James.
> >>
> >>Ignoring for the moment how these workarounds smack of "hack", this
> >>doesn't solve the problem of people visiting the site w/o cookies
> >>enabled. What I don't understand is why the delimiter ';' is being
> >>
> >>
> >used,
> >
> >
> >>instead of the traditional '?' - which Apache wouldn't have a
problem
> >>stripping off and serving up the proper file with ...
> >>
> >>
> >
> >
> >That seems to be a rule in the Servlet specification on URL rewriting
> >for passing session info.
> >
>
>http://www.jcp.org/aboutJava/communityprocess/first/jsr053/servlet23_PF
D
> >.pdf
> >
> >
> >Saul
> >
> >
> >
> >
> Seems strange that a rule would be set that breaks IETF standards,
> doesn't it? Or am I seeing this totally wrong?

Not sure what's the rational why it's not using "?" instead of ":", I
guess it has to do with security or something. Using "?jsessionid" makes
it looks like a general request parameter and can be easily accessed and
modified by the applications. Just my thoughts.


Saul


> 
> --
> Brice D. Ruth
> Sr. IT Analyst
> Fiskars Brands, Inc.
> 
> 
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Ruth, Brice

Saul Q Yuan wrote:

-Original Message-
From: Ruth, Brice [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 23, 2003 9:32 AM
To: Struts Users Mailing List
Subject: Re: how to disable (or work around) jsessionid in html:img
sources
James Mitchell wrote:

A bit of history on this subject:

* From: Craig R. McClanahan
* Subject: Re: Why would jsessionid not appear?
* Date: Wed, 08 Aug 2001 12:09:26 -0700
The jsessionid path parameter will only be added if the servlet
container
does not know whether your client supports cookies.  How Tomcat

handles

this (probably typical of others):

* On the first response in a session, send the session id
both ways (cookie and encoding).
* If the subsequent request comes back with a cookie, turn
of URL rewriting for the remainder of this session.
* If the subsequent request comes back without a cookie,
keep on rewriting.
Craig

So, with that having been said, all you have to do is
tell all your users to hit refresh whenever they access
your site.
That way, all external links and images will work.

If you find that unacceptable, you could:

Move the contents of index.jsp to index2.jsp, then:

Put a meta refresh tag as your initial page (index.jsp).
  http://www.yoursite.com/index2.jsp";>
or

Add some javascript that sends the user to index2.jsp.
  (similar to above)
or

Use  or any number of ways in a scriptlet
to redirect to index2.jsp
On the Struts-Atlanta web site (http://www.struts-atlanta.org),
I take a slightly different approach.
At the top of my index.jsp, I do this:

What this does is refresh the page one time only.  This method works

for

me because I am not posting or processing any forms with this page

which

would not work correctly if I had.

Hope that helps.

Thanks, James.

Ignoring for the moment how these workarounds smack of "hack", this
doesn't solve the problem of people visiting the site w/o cookies
enabled. What I don't understand is why the delimiter ';' is being

used,

instead of the traditional '?' - which Apache wouldn't have a problem
stripping off and serving up the proper file with ...

That seems to be a rule in the Servlet specification on URL rewriting
for passing session info.
http://www.jcp.org/aboutJava/communityprocess/first/jsr053/servlet23_PFD
.pdf
Saul

Seems strange that a rule would be set that breaks IETF standards, 
doesn't it? Or am I seeing this totally wrong?

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Ruth, Brice

Bizarre ... dunno what's up with my config, then. Not a biggie, I guess 
- my workaround still works, I guess. I just wanted to use this because 
I was using a scriptlet to generate some *very* dynamic code and got 
into a situation where I couldn't use  because it'd be 
nested within an  tag (in an onmouseover attribute) - so I 
wanted to use that code to get the prefix to just insert with another 
scriptlet. But, I think I've worked around that now, too.

It is truly amazing how a JSP can be compiled from custom JSP tags 
(tiles, struts, etc.), java code scriptlets, and EL expressions within 
tags, to something that actually works. I am truly amazed at times! :)

Kris Schneider wrote:

If it's any consolation, I just tried the original JSP-only code I posted with
TC 4.1.24 and it worked fine...
Quoting "Ruth, Brice" <[EMAIL PROTECTED]>:

 

James Mitchell wrote:

   

A bit of history on this subject:

* From: Craig R. McClanahan
* Subject: Re: Why would jsessionid not appear?
* Date: Wed, 08 Aug 2001 12:09:26 -0700 

The jsessionid path parameter will only be added if the servlet
container
does not know whether your client supports cookies.  How Tomcat handles
this (probably typical of others):
* On the first response in a session, send the session id
both ways (cookie and encoding).
* If the subsequent request comes back with a cookie, turn
of URL rewriting for the remainder of this session.
* If the subsequent request comes back without a cookie,
keep on rewriting.
Craig



So, with that having been said, all you have to do is 
tell all your users to hit refresh whenever they access 
your site.  

That way, all external links and images will work.

If you find that unacceptable, you could:

Move the contents of index.jsp to index2.jsp, then:

Put a meta refresh tag as your initial page (index.jsp).
  http://www.yoursite.com/index2.jsp";> 

or

Add some javascript that sends the user to index2.jsp.
  (similar to above)
or

Use  or any number of ways in a scriptlet
to redirect to index2.jsp
On the Struts-Atlanta web site (http://www.struts-atlanta.org), 
I take a slightly different approach.
At the top of my index.jsp, I do this:







What this does is refresh the page one time only.  This method works for
me because I am not posting or processing any forms with this page which
would not work correctly if I had.
Hope that helps.



 

Thanks, James.

Ignoring for the moment how these workarounds smack of "hack", this 
doesn't solve the problem of people visiting the site w/o cookies 
enabled. What I don't understand is why the delimiter ';' is being used, 
instead of the traditional '?' - which Apache wouldn't have a problem 
stripping off and serving up the proper file with ...

Just to clarify - by calling these workarounds "hacks" - I mean no 
disrespect - I am just looking for a cleaner method of handling this. 
That's all.

Brice

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.
   

 

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Saul Q Yuan



> -Original Message-
> From: Ruth, Brice [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 23, 2003 9:32 AM
> To: Struts Users Mailing List
> Subject: Re: how to disable (or work around) jsessionid in html:img
> sources
> 
> James Mitchell wrote:
> 
> >A bit of history on this subject:
> >
> > * From: Craig R. McClanahan
> > * Subject: Re: Why would jsessionid not appear?
> > * Date: Wed, 08 Aug 2001 12:09:26 -0700
> >
> >The jsessionid path parameter will only be added if the servlet
> >container
> >does not know whether your client supports cookies.  How Tomcat
handles
> >this (probably typical of others):
> >
> >* On the first response in a session, send the session id
> >  both ways (cookie and encoding).
> >
> >* If the subsequent request comes back with a cookie, turn
> >  of URL rewriting for the remainder of this session.
> >
> >* If the subsequent request comes back without a cookie,
> >  keep on rewriting.
> >
> >Craig
> >
> >
> >
> >So, with that having been said, all you have to do is
> >tell all your users to hit refresh whenever they access
> >your site.
> >
> >That way, all external links and images will work.
> >
> >If you find that unacceptable, you could:
> >
> >Move the contents of index.jsp to index2.jsp, then:
> >
> >  Put a meta refresh tag as your initial page (index.jsp).
> > >  content="2;URL=http://www.yoursite.com/index2.jsp";>
> >
> >  or
> >
> >  Add some javascript that sends the user to index2.jsp.
> >(similar to above)
> >
> >  or
> >
> >  Use  or any number of ways in a scriptlet
> >  to redirect to index2.jsp
> >
> >
> >On the Struts-Atlanta web site (http://www.struts-atlanta.org),
> >I take a slightly different approach.
> >At the top of my index.jsp, I do this:
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >What this does is refresh the page one time only.  This method works
for
> >me because I am not posting or processing any forms with this page
which
> >would not work correctly if I had.
> >
> >Hope that helps.
> >
> >
> >
> Thanks, James.
> 
> Ignoring for the moment how these workarounds smack of "hack", this
> doesn't solve the problem of people visiting the site w/o cookies
> enabled. What I don't understand is why the delimiter ';' is being
used,
> instead of the traditional '?' - which Apache wouldn't have a problem
> stripping off and serving up the proper file with ...


That seems to be a rule in the Servlet specification on URL rewriting
for passing session info.

http://www.jcp.org/aboutJava/communityprocess/first/jsr053/servlet23_PFD
.pdf


Saul



> 
> Just to clarify - by calling these workarounds "hacks" - I mean no
> disrespect - I am just looking for a cleaner method of handling this.
> That's all.
> 
> Brice
> 
> --
> Brice D. Ruth
> Sr. IT Analyst
> Fiskars Brands, Inc.
> 
> 
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Kris Schneider

If it's any consolation, I just tried the original JSP-only code I posted with
TC 4.1.24 and it worked fine...

Quoting "Ruth, Brice" <[EMAIL PROTECTED]>:

> James Mitchell wrote:
> 
> >A bit of history on this subject:
> >
> > * From: Craig R. McClanahan
> > * Subject: Re: Why would jsessionid not appear?
> > * Date: Wed, 08 Aug 2001 12:09:26 -0700 
> >
> >The jsessionid path parameter will only be added if the servlet
> >container
> >does not know whether your client supports cookies.  How Tomcat handles
> >this (probably typical of others):
> >
> >* On the first response in a session, send the session id
> >  both ways (cookie and encoding).
> >
> >* If the subsequent request comes back with a cookie, turn
> >  of URL rewriting for the remainder of this session.
> >
> >* If the subsequent request comes back without a cookie,
> >  keep on rewriting.
> >
> >Craig
> >
> >
> >
> >So, with that having been said, all you have to do is 
> >tell all your users to hit refresh whenever they access 
> >your site.  
> >
> >That way, all external links and images will work.
> >
> >If you find that unacceptable, you could:
> >
> >Move the contents of index.jsp to index2.jsp, then:
> >
> >  Put a meta refresh tag as your initial page (index.jsp).
> > >  content="2;URL=http://www.yoursite.com/index2.jsp";> 
> >
> >  or
> >
> >  Add some javascript that sends the user to index2.jsp.
> >(similar to above)
> >
> >  or
> >
> >  Use  or any number of ways in a scriptlet
> >  to redirect to index2.jsp
> >
> >
> >On the Struts-Atlanta web site (http://www.struts-atlanta.org), 
> >I take a slightly different approach.
> >At the top of my index.jsp, I do this:
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >What this does is refresh the page one time only.  This method works for
> >me because I am not posting or processing any forms with this page which
> >would not work correctly if I had.
> >
> >Hope that helps.
> >
> >  
> >
> Thanks, James.
> 
> Ignoring for the moment how these workarounds smack of "hack", this 
> doesn't solve the problem of people visiting the site w/o cookies 
> enabled. What I don't understand is why the delimiter ';' is being used, 
> instead of the traditional '?' - which Apache wouldn't have a problem 
> stripping off and serving up the proper file with ...
> 
> Just to clarify - by calling these workarounds "hacks" - I mean no 
> disrespect - I am just looking for a cleaner method of handling this. 
> That's all.
> 
> Brice
> 
> -- 
> Brice D. Ruth
> Sr. IT Analyst
> Fiskars Brands, Inc.

-- 
Kris Schneider 
D.O.Tech   

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-23 Thread Ruth, Brice

James Mitchell wrote:

A bit of history on this subject:

* From: Craig R. McClanahan
* Subject: Re: Why would jsessionid not appear?
* Date: Wed, 08 Aug 2001 12:09:26 -0700 

The jsessionid path parameter will only be added if the servlet
container
does not know whether your client supports cookies.  How Tomcat handles
this (probably typical of others):
* On the first response in a session, send the session id
 both ways (cookie and encoding).
* If the subsequent request comes back with a cookie, turn
 of URL rewriting for the remainder of this session.
* If the subsequent request comes back without a cookie,
 keep on rewriting.
Craig



So, with that having been said, all you have to do is 
tell all your users to hit refresh whenever they access 
your site.  

That way, all external links and images will work.

If you find that unacceptable, you could:

Move the contents of index.jsp to index2.jsp, then:

 Put a meta refresh tag as your initial page (index.jsp).
   http://www.yoursite.com/index2.jsp";> 

 or

 Add some javascript that sends the user to index2.jsp.
   (similar to above)
 or

 Use  or any number of ways in a scriptlet
 to redirect to index2.jsp
On the Struts-Atlanta web site (http://www.struts-atlanta.org), 
I take a slightly different approach.
At the top of my index.jsp, I do this:







What this does is refresh the page one time only.  This method works for
me because I am not posting or processing any forms with this page which
would not work correctly if I had.
Hope that helps.

 

Thanks, James.

Ignoring for the moment how these workarounds smack of "hack", this 
doesn't solve the problem of people visiting the site w/o cookies 
enabled. What I don't understand is why the delimiter ';' is being used, 
instead of the traditional '?' - which Apache wouldn't have a problem 
stripping off and serving up the proper file with ...

Just to clarify - by calling these workarounds "hacks" - I mean no 
disrespect - I am just looking for a cleaner method of handling this. 
That's all.

Brice

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: how to disable (or work around) jsessionid in html:img sources

2003-10-22 Thread James Mitchell

A bit of history on this subject:

 * From: Craig R. McClanahan
 * Subject: Re: Why would jsessionid not appear?
 * Date: Wed, 08 Aug 2001 12:09:26 -0700 

The jsessionid path parameter will only be added if the servlet
container
does not know whether your client supports cookies.  How Tomcat handles
this (probably typical of others):

* On the first response in a session, send the session id
  both ways (cookie and encoding).

* If the subsequent request comes back with a cookie, turn
  of URL rewriting for the remainder of this session.

* If the subsequent request comes back without a cookie,
  keep on rewriting.

Craig



So, with that having been said, all you have to do is 
tell all your users to hit refresh whenever they access 
your site.  

That way, all external links and images will work.

If you find that unacceptable, you could:

Move the contents of index.jsp to index2.jsp, then:

  Put a meta refresh tag as your initial page (index.jsp).
http://www.yoursite.com/index2.jsp";> 

  or

  Add some javascript that sends the user to index2.jsp.
(similar to above)

  or

  Use  or any number of ways in a scriptlet
  to redirect to index2.jsp


On the Struts-Atlanta web site (http://www.struts-atlanta.org), 
I take a slightly different approach.
At the top of my index.jsp, I do this:










What this does is refresh the page one time only.  This method works for
me because I am not posting or processing any forms with this page which
would not work correctly if I had.

Hope that helps.


--
James Mitchell
Software Engineer / Struts Evangelist
http://www.struts-atlanta.org
678.910.8017
AIM:jmitchtx



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-22 Thread Kris Schneider

I haven't actually run the code, but I don't see what the issue would 
be. If you run:

javap -classpath /path/to/struts.jar org.apache.struts.Globals

You should get something like:

Compiled from "Globals.java"
public class org.apache.struts.Globals extends java.lang.Object 
implements java.io.Serializable{
...
public static final java.lang.String MODULE_KEY;
...
}

Another approach would be to use the action that fronts the page to 
create the module path:

ServletContext ctx = getServlet().getServletContext();
ModuleConfig moduleConfig = RequestUtils.getModuleConfig(request, ctx);
String prefix = "";
if (moduleConfig != null) {
  prefix = moduleConfig.getPrefix();
}
String modulePath = request.getContextPath() + prefix;
request.setAttribute("modulePath", modulePath);
Ruth, Brice wrote:
I tried this and got a JSP compile error that MODULE_KEY in 
org.apache.struts.Globals couldn't be resolved ...

org.apache.struts.Globals _jspx_th_c_rt_set_0.setValue( 
Globals.MODULE_KEY ); ^ 1 error

?!

Kris Schneider wrote:

If you can accomplish what you want via Apache rewrite rules, that 
seems like a
simpler solution. If that doesn't work out, here's a JSP/JSTL 
equivalent of how
 comes up with the module path:

<%@ page import="org.apache.struts.Globals" %>
<%@ taglib prefix="c"uri="http://java.sun.com/jstl/core"; %>
<%@ taglib prefix="c_rt" uri="http://java.sun.com/jstl/core_rt"; %>




   


">

Quoting dutrieux <[EMAIL PROTECTED]>:

 

Maybe you can try, But I think the impacts is all pages send to 
apache then all virtualhosts defiend by the mod_jk.

Ruth, Brice a écrit :

  

Is this something I can do at a global level, so that it impacts all 
virtualhosts defined by the mod_jk auto configuration file generated 
by Tomcat's connector?

dutrieux wrote:



Hello

For Apache v3.x you need to put in "httpd.conf" file this entry :

RewriteRule ^(.*);jsessionid=.*$ $1 [L]

Best regards

Olivier Dutrieux
*
*
Ruth, Brice a écrit :
  

Ruth, Brice wrote:



Hi. I'm using html:img in certain tiles that are used from very 
different places in my application with the "page" attribute to 
take advantage of module-relative naming for the image sources. 
However, when cookies aren't enabled, or on the first visit to 
the web application (with no session cookie having been 
previously detected), the ';jsessionid=X' gets added to the end 
of the image. Now, I'm not driving any dynamic images, nor do I 
intend to, so this sessionid is worthless to me. Furthermore - 
since I'm using Apache+Tomcat+mod_jk to serve this application, 
Apache seems to choke on serving up this image. I expect its 
because the sessionid is delimited by ';' instead of '?' as I'm 
used to, but maybe not.

Either way - does anyone know of a way to get around this? If 
possible, I'd prefer not having to do anything special in the 
Apache conf, mainly because I'm using the auto-generated mod_jk 
conf file for this configuration.

Thanks!

  
Any takers on this? This is kinda hosin' up my Apache/Tomcat setup 
... Tomcat standalone serves up the images fine with the 
jsessionid junk, but Apache doesn't!


--


*Olivier Dutrieux*



Institut Pasteur
Informatique de gestion
&
Micro-Informatique
25-28 rue du Docteur Roux
75724 PARIS CEDEX 15

Tel: +33 (0) 1 40 61 31 62
Fax: +33 (0) 1 45 68 89 89

--
Kris Schneider 
D.O.Tech   


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-22 Thread Ruth, Brice

I tried this and got a JSP compile error that MODULE_KEY in 
org.apache.struts.Globals couldn't be resolved ...

org.apache.struts.Globals _jspx_th_c_rt_set_0.setValue( 
Globals.MODULE_KEY ); ^ 1 error

?!

Kris Schneider wrote:

If you can accomplish what you want via Apache rewrite rules, that seems like a
simpler solution. If that doesn't work out, here's a JSP/JSTL equivalent of how
 comes up with the module path:
<%@ page import="org.apache.struts.Globals" %>
<%@ taglib prefix="c"uri="http://java.sun.com/jstl/core"; %>
<%@ taglib prefix="c_rt" uri="http://java.sun.com/jstl/core_rt"; %>




   


">

Quoting dutrieux <[EMAIL PROTECTED]>:

 

Maybe you can try, But I think the impacts is all pages send to apache 
then all virtualhosts defiend by the mod_jk.

Ruth, Brice a écrit :

   

Is this something I can do at a global level, so that it impacts all 
virtualhosts defined by the mod_jk auto configuration file generated 
by Tomcat's connector?

dutrieux wrote:

 

Hello

For Apache v3.x you need to put in "httpd.conf" file this entry :

RewriteRule ^(.*);jsessionid=.*$ $1 [L]

Best regards

Olivier Dutrieux
*
*
Ruth, Brice a écrit :
   

Ruth, Brice wrote:

 

Hi. I'm using html:img in certain tiles that are used from very 
different places in my application with the "page" attribute to 
take advantage of module-relative naming for the image sources. 
However, when cookies aren't enabled, or on the first visit to the 
web application (with no session cookie having been previously 
detected), the ';jsessionid=X' gets added to the end of the image. 
Now, I'm not driving any dynamic images, nor do I intend to, so 
this sessionid is worthless to me. Furthermore - since I'm using 
Apache+Tomcat+mod_jk to serve this application, Apache seems to 
choke on serving up this image. I expect its because the sessionid 
is delimited by ';' instead of '?' as I'm used to, but maybe not.

Either way - does anyone know of a way to get around this? If 
possible, I'd prefer not having to do anything special in the 
Apache conf, mainly because I'm using the auto-generated mod_jk 
conf file for this configuration.

Thanks!

   

Any takers on this? This is kinda hosin' up my Apache/Tomcat setup 
... Tomcat standalone serves up the images fine with the jsessionid 
junk, but Apache doesn't!

 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
   

--


*Olivier Dutrieux*



Institut Pasteur
Informatique de gestion
&
Micro-Informatique
25-28 rue du Docteur Roux
75724 PARIS CEDEX 15

Tel: +33 (0) 1 40 61 31 62
Fax: +33 (0) 1 45 68 89 89

   

 

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-22 Thread Kris Schneider

If you can accomplish what you want via Apache rewrite rules, that seems like a
simpler solution. If that doesn't work out, here's a JSP/JSTL equivalent of how
 comes up with the module path:

<%@ page import="org.apache.struts.Globals" %>
<%@ taglib prefix="c"uri="http://java.sun.com/jstl/core"; %>
<%@ taglib prefix="c_rt" uri="http://java.sun.com/jstl/core_rt"; %>









">

Quoting dutrieux <[EMAIL PROTECTED]>:

> Maybe you can try, But I think the impacts is all pages send to apache 
> then all virtualhosts defiend by the mod_jk.
> 
> Ruth, Brice a écrit :
> 
> > Is this something I can do at a global level, so that it impacts all 
> > virtualhosts defined by the mod_jk auto configuration file generated 
> > by Tomcat's connector?
> >
> > dutrieux wrote:
> >
> >> Hello
> >>
> >> For Apache v3.x you need to put in "httpd.conf" file this entry :
> >>
> >> RewriteRule ^(.*);jsessionid=.*$ $1 [L]
> >>
> >> Best regards
> >>
> >> Olivier Dutrieux
> >> *
> >>
> >> *
> >> Ruth, Brice a écrit :
> >>
> >>> Ruth, Brice wrote:
> >>>
>  Hi. I'm using html:img in certain tiles that are used from very 
>  different places in my application with the "page" attribute to 
>  take advantage of module-relative naming for the image sources. 
>  However, when cookies aren't enabled, or on the first visit to the 
>  web application (with no session cookie having been previously 
>  detected), the ';jsessionid=X' gets added to the end of the image. 
>  Now, I'm not driving any dynamic images, nor do I intend to, so 
>  this sessionid is worthless to me. Furthermore - since I'm using 
>  Apache+Tomcat+mod_jk to serve this application, Apache seems to 
>  choke on serving up this image. I expect its because the sessionid 
>  is delimited by ';' instead of '?' as I'm used to, but maybe not.
> 
>  Either way - does anyone know of a way to get around this? If 
>  possible, I'd prefer not having to do anything special in the 
>  Apache conf, mainly because I'm using the auto-generated mod_jk 
>  conf file for this configuration.
> 
>  Thanks!
> 
> >>> Any takers on this? This is kinda hosin' up my Apache/Tomcat setup 
> >>> ... Tomcat standalone serves up the images fine with the jsessionid 
> >>> junk, but Apache doesn't!
> >>>
> >>
> >>
> >> -
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >
> 
> -- 
> 
> 
> *Olivier Dutrieux*
> 
> 
> 
> 
> Institut Pasteur
> Informatique de gestion
> &
> Micro-Informatique
> 
> 25-28 rue du Docteur Roux
> 75724 PARIS CEDEX 15
> 
> 
> Tel: +33 (0) 1 40 61 31 62
> Fax: +33 (0) 1 45 68 89 89
> 
> 

-- 
Kris Schneider 
D.O.Tech   

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-22 Thread dutrieux





Maybe you can try, But I think the impacts is all pages send to apache
then all virtualhosts defiend by the mod_jk.

Ruth, Brice a écrit :
Is this
something I can do at a global level, so that it impacts all
virtualhosts defined by the mod_jk auto configuration file generated by
Tomcat's connector?
  
  
dutrieux wrote:
  
  
  Hello


For Apache v3.x you need to put in "httpd.conf" file this entry :


RewriteRule ^(.*);jsessionid=.*$ $1 [L]


Best regards


Olivier Dutrieux

*


*

Ruth, Brice a écrit :


Ruth, Brice wrote:
  
  
  Hi. I'm using html:img in certain tiles
that are used from very different places in my application with the
"page" attribute to take advantage of module-relative naming for the
image sources. However, when cookies aren't enabled, or on the first
visit to the web application (with no session cookie having been
previously detected), the ';jsessionid=X' gets added to the end of the
image. Now, I'm not driving any dynamic images, nor do I intend to, so
this sessionid is worthless to me. Furthermore - since I'm using
Apache+Tomcat+mod_jk to serve this application, Apache seems to choke
on serving up this image. I expect its because the sessionid is
delimited by ';' instead of '?' as I'm used to, but maybe not.


Either way - does anyone know of a way to get around this? If possible,
I'd prefer not having to do anything special in the Apache conf, mainly
because I'm using the auto-generated mod_jk conf file for this
configuration.


Thanks!


  
Any takers on this? This is kinda hosin' up my Apache/Tomcat setup ...
Tomcat standalone serves up the images fine with the jsessionid junk,
but Apache doesn't!
  
  



-

To unsubscribe, e-mail: [EMAIL PROTECTED]

For additional commands, e-mail: [EMAIL PROTECTED]


  
  


-- 



Institut Pasteur






  

  
  Olivier Dutrieux
   
  
  Institut Pasteur 
Informatique de gestion
&
Micro-Informatique 
  25-28 rue du Docteur Roux 
75724 PARIS CEDEX 15 
  
   Tel: +33 (0) 1 40 61 31 62 
Fax: +33 (0) 1 45 68 89 89 
  

  







<>

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-22 Thread Ruth, Brice

Is this something I can do at a global level, so that it impacts all 
virtualhosts defined by the mod_jk auto configuration file generated by 
Tomcat's connector?

dutrieux wrote:

Hello

For Apache v3.x you need to put in "httpd.conf" file this entry :

RewriteRule ^(.*);jsessionid=.*$ $1 [L]

Best regards

Olivier Dutrieux
*
*
Ruth, Brice a écrit :
Ruth, Brice wrote:

Hi. I'm using html:img in certain tiles that are used from very 
different places in my application with the "page" attribute to take 
advantage of module-relative naming for the image sources. However, 
when cookies aren't enabled, or on the first visit to the web 
application (with no session cookie having been previously 
detected), the ';jsessionid=X' gets added to the end of the image. 
Now, I'm not driving any dynamic images, nor do I intend to, so this 
sessionid is worthless to me. Furthermore - since I'm using 
Apache+Tomcat+mod_jk to serve this application, Apache seems to 
choke on serving up this image. I expect its because the sessionid 
is delimited by ';' instead of '?' as I'm used to, but maybe not.

Either way - does anyone know of a way to get around this? If 
possible, I'd prefer not having to do anything special in the Apache 
conf, mainly because I'm using the auto-generated mod_jk conf file 
for this configuration.

Thanks!

Any takers on this? This is kinda hosin' up my Apache/Tomcat setup 
... Tomcat standalone serves up the images fine with the jsessionid 
junk, but Apache doesn't!



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-22 Thread dutrieux

Hello

For Apache v3.x you need to put in "httpd.conf" file this entry :

RewriteRule ^(.*);jsessionid=.*$ $1 [L]

Best regards

Olivier Dutrieux
*
*
Ruth, Brice a écrit :
Ruth, Brice wrote:

Hi. I'm using html:img in certain tiles that are used from very 
different places in my application with the "page" attribute to take 
advantage of module-relative naming for the image sources. However, 
when cookies aren't enabled, or on the first visit to the web 
application (with no session cookie having been previously detected), 
the ';jsessionid=X' gets added to the end of the image. Now, I'm not 
driving any dynamic images, nor do I intend to, so this sessionid is 
worthless to me. Furthermore - since I'm using Apache+Tomcat+mod_jk 
to serve this application, Apache seems to choke on serving up this 
image. I expect its because the sessionid is delimited by ';' instead 
of '?' as I'm used to, but maybe not.

Either way - does anyone know of a way to get around this? If 
possible, I'd prefer not having to do anything special in the Apache 
conf, mainly because I'm using the auto-generated mod_jk conf file 
for this configuration.

Thanks!

Any takers on this? This is kinda hosin' up my Apache/Tomcat setup ... 
Tomcat standalone serves up the images fine with the jsessionid junk, 
but Apache doesn't!



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

2003-10-22 Thread Ruth, Brice

Ruth, Brice wrote:

Hi. I'm using html:img in certain tiles that are used from very 
different places in my application with the "page" attribute to take 
advantage of module-relative naming for the image sources. However, 
when cookies aren't enabled, or on the first visit to the web 
application (with no session cookie having been previously detected), 
the ';jsessionid=X' gets added to the end of the image. Now, I'm not 
driving any dynamic images, nor do I intend to, so this sessionid is 
worthless to me. Furthermore - since I'm using Apache+Tomcat+mod_jk to 
serve this application, Apache seems to choke on serving up this 
image. I expect its because the sessionid is delimited by ';' instead 
of '?' as I'm used to, but maybe not.

Either way - does anyone know of a way to get around this? If 
possible, I'd prefer not having to do anything special in the Apache 
conf, mainly because I'm using the auto-generated mod_jk conf file for 
this configuration.

Thanks!

Any takers on this? This is kinda hosin' up my Apache/Tomcat setup ... 
Tomcat standalone serves up the images fine with the jsessionid junk, 
but Apache doesn't!

--
Brice D. Ruth
Sr. IT Analyst
Fiskars Brands, Inc.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

RE: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

RE: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

RE: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

RE: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

Re: how to disable (or work around) jsessionid in html:img sources

22 matches

Site Navigation

Mail list logo

Footer information