Re: Handling session in Applet-Servlet Communication

Fri, 22 Dec 2000 07:49:06 -0800 

Srirajesh Vairamani wrote:
>
> Can anyone please explain how to rewrite the session
> info from a servlet to Applet and then applet calling
> the servlet again (second time) with the session info.
>

 You would think there would be a simple answer, but
unfortunately, it just depends.

 Evidently, on newish browsers, when you're using the
right JVM, and the user has cookies on, then the
browser's version of the java HTTP code will actually
handle the cookies for you, adding-to and deleting-from
the browser's cookie cache.[1]

 Unfortunately, that doesn't always work, because
you can't depend on it. If you're running applets
outside the browser[2], or in a browser that doesn't
happen to do the cookie-thing, then your code won't
work as expected. And, of course, the user can turn
cookies off, and the servlet might be using
url-rewriting instead of cookies. (Had enough
yet? :-)

 One answer, suggested in [3], is to handle the
whole conversation youself at the Socket level,
bypassing Java's built-in HTTP code entirely. That
way you can be sure that Cookies are handled
consistently, regardless of the JVM or brower
cookie settings. There are alternate HTML handling
libraries available which would help with this.

 If the servlet is using a URL-based sessions
scheme, you will have to handle that yourself
in any case.

 You might think you're going to be rewarded with
an authoritative answer after wading through all of
the above, but no such luck. There is some good
discussion  in [3], but I'd be interested to hear
from anyone who's actually dealt with the issues
in a production environment. I'd be willing to
summarize the answers and submit a mini-FAQ for the
archives.


-cks


[1] <URL:http://java.sun.com/products/plugin/1.3/docs/cookie.html>
 The document is specific to Sun's Java Plug-In,
 you get the idea...

[2] Like when you're testing in appletviewer.

[3] <URL:http://www.jguru.com/jguru/faq/printablefaq.jsp?faq=Applets>
 Some good info, but it doesn't appear to talk
 about the applet's use of the internal browser
 cookie-cache, which is a pretty big issues...

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to