I am curious. If you were to prepare a set of pages that would each add
something to the URL and you wanted to parse a user/password cookie from
the URL at the end of the user session and pass it to the browser as a
real cookie... how would that be accomplished easiest???
Jon
"Craig R. McClanahan" wrote:
>
> John Evershed wrote:
>
> > Cookies are the easiest way to maintain session state.
> >
> > BUT, if you depend on cookies, you run the risk of the
> > client browser either not being capable of accepting
> > cookies or the browser user deliberately turning cookies
> > off.
> >
> > When this happens, you probably end up creating new session
> > each time that user accesses a page in your application -
> > this could add up to a lot of useless object clutter in your
> > VM (as the new sessions cannot ever be used).
> >
> > Does anyone have a comment on the advisability of the
> > following solution?... [snipped mechanism to tell the user they need
> > cookies]
>
> The Servlet API does offer a standard approach to using sessions even when the
> browser does not have cookies enabled. It is called URL rewriting. This
> allows you to presume support for sessions without worrying about whether or
> not cookies are actually being used "under the covers". The only additional
> responsibility you need to do is call HttpServletResponse.encodeUr() for each
> URL that your servlet generates that points back to this application.
>
> If you really want to not support the user when cookies are disabled, just use
> getSession(false) in your subsequent pages (i.e. once you are past the "home"
> page of the site). If this returns null (because no session id cookie was
> retunred), you can do your error page thing, and not worry about creating lots
> of useless sessions.
>
> Craig McClanahan
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
--
===========================================
Jon Thor Williams Phish
Java Software Specialist :-)
TrailerSoft [EMAIL PROTECTED] *
"I want to party like it's 1929!" - Unknown
===========================================
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
