subject:"RE\: if user's browser doesn't support Cookies, then where to store user's session information\?"

RE: if user's browser doesn't support Cookies, then where to store user's session information?

2010-01-12 Thread Looijmans, Mike

There's an option somewhere to put the session ID into the URL.

You can store state information in the session. Be careful, a browser
with two windows will share the session between the two windows, so that
a user may get very confusing results when you store currentpage in
the session. Typically, the session is only used to store user login
credentials, but not application data/state.

You can store information on the client using hidden field on forms,
which will send their data back when submitted. You can also add extra
data in URLs, by adding parameters (e.g.
href=nextpage?page=6queryid=10) or extra 'path' information
(href=nextpage/10/6), which is very handy if you want to preserve user
input across many links (any link will be relative to the URL that was
used to reach this page, so ../7 could refer to page 7 of the same
query).

You can safely store a few kB of information in hidden fields or URLs
without affecting performance. 

M.

 -Original Message-
 From: Peter Chen [mailto:peter.c...@aicent.com] 
 Sent: dinsdag 12 januari 2010 10:01
 To: users@tomcat.apache.org
 Subject: if user's browser doesn't support Cookies, then 
 where to store user's session information?
 
 Hi, all
 
 I am using Tomcat 5.5.26 as the Web Server. I know the 
 session information is stored in Cookies with the key JSESSIONID. 
 
  
 
 But some browsers don't support Cookies. 
 
 So my question is if user's browser doesn't support Cookies, 
 then where to store user's session information? 
 
 And besides session, how to store other user's state 
 information, because HTTP protocol is a stateless protocol?
 
  
 
 Thanks.
 
  
 
 

This message and attachment(s) are intended solely for use by the addressee and 
may contain information that is privileged, confidential or otherwise exempt 
from disclosure under applicable law.

If you are not the intended recipient or agent thereof responsible for 
delivering this message to the intended recipient, you are hereby notified that 
any dissemination, distribution or copying of this communication is strictly 
prohibited.

If you have received this communication in error, please notify the sender 
immediately by telephone and with a 'reply' message.

Thank you for your co-operation.



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: if user's browser doesn't support Cookies, then where to store user's session information?

2010-01-12 Thread Mark Thomas

On 12/01/2010 09:00, Peter Chen wrote:
 Hi, all
 
 I am using Tomcat 5.5.26 as the Web Server. I know the session
 information is stored in Cookies with the key JSESSIONID. 
 
 But some browsers don't support Cookies. 
 
 So my question is if user's browser doesn't support Cookies, then where
 to store user's session information? 

Read chapter SRV.7 of the Servlet 2.4 specification.

 And besides session, how to store other user's state information,
 because HTTP protocol is a stateless protocol?

On the client or in the URL are two that come to mind. How appropriate
those approaches are will depend on your app. There is, of course, the
make your app stateless option.

Mark



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: if user's browser doesn't support Cookies, then where to store user's session information?

2010-01-12 Thread Pid


On 12/01/2010 09:00, Peter Chen wrote:

Hi, all

I am using Tomcat 5.5.26 as the Web Server. I know the session
information is stored in Cookies with the key JSESSIONID.


Only the id is stored in the cookie.


But some browsers don't support Cookies.

So my question is if user's browser doesn't support Cookies, then where
to store user's session information?


In the URL.

If you encode every URL on the page then Tomcat will determine whether 
there's a cookie and it will rewrite the URL to include the parameter 
jsessionid.


 a href=% response.encodeURL('/path/to/page.jsp') %Link text/a

An encoded URL will look like this:

 server.com/path/to/page.jsp;jsessionid=000?some=paramgoes=here


Some frameworks (e.g. Struts) provide a tag library to do this which can 
make your HTML much more readable.  It's not complicated to write your 
own though, if you don't want to use a framework.


 html:a href=/path/to/page.jspLink text/html:a



And besides session, how to store other user's state information,
because HTTP protocol is a stateless protocol?


In a database?


p


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: if user's browser doesn't support Cookies, then where to store user's session information?

Re: if user's browser doesn't support Cookies, then where to store user's session information?

Re: if user's browser doesn't support Cookies, then where to store user's session information?

3 matches

Site Navigation

Mail list logo

Footer information