Re: Session Tracking problem...

[Liwen Chen]

Hi, Jackson, thanks for your comments. Actually, others can know the session id from viewing the source easily. i just wonder if there is a way to hide the session id without cookie.   liwen ----- Original Message ----- From: Jackson Ching To: [EMAIL PROTECTED] Sent: Friday, May 12, 2000 11:31 AM Subject: Re: Session Tracking problem... Liwen,       another way is to use of hidden fields in your form.       <FORM ... >       <INPUT TYPE=HIDDEN NAME=SESSIONID VALUE=yourSessionId>     </FORM>   jack *********** REPLY SEPARATOR *********** On 5/12/00 at 8:49 AM Liwen Chen wrote: Hi, friends, I got a problem about Session Tracking in Servlets:   When user disable cookie, we cannot using HttpSession to pass SessionID around servlets. Everytime, the SessionID is a new one for the request. The alternative way is using URL rewriting, as suggested by some books. My problem is: can I do it without using URL rewriting? I want to do so because URL rewriting has some disadvantages like lack of security...   Thanks for your consideration!   Regards Liwen