Definitely a difference in the cookies: There are stored cookies (cookie file on file system) and session cookies (in-memory only). Most web apps (including java) maintain the session using session cookies or URL re-writing (to append the session ID). Only web apps that "remember" your login info on a particular computer use stored cookies.
I have no idea which type IE 6 is referring to when you select "block cookies"....however, depending on how your web. app. is implemented, disabling cookies will not prevent you from maintaining a session, as Struts will switch to URL re-writing to maintain it. It will certainly not prevent you from logging in, unless you have additional information on the security principal (besides the sessionID) that goes into the cookie and is required for access. You run into the danger of "broken" links though, where the URLs are not re-written, the sessionID is lost, and thus the session is dropped. --joe -----Original Message----- From: Billy Ng [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 03, 2003 10:58 AM To: Struts Users Mailing List Subject: Re: IE 6 timeout session Are you sure? I changed my IE to Block cookies, but it still let me in without sessing the read eye in the status bar. If I go to yahoo to log in to my account, the red eye shows up. I think java session is different from simply writing cookie to the client. Billy Ng ----- Original Message ----- From: "Chen, Gin" <[EMAIL PROTECTED]> To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> Sent: Tuesday, June 03, 2003 10:19 AM Subject: RE: IE 6 timeout session > Probably Cookies were blocked. > IE 6 has this popup when a page requires cookies it asks if you want to > accept it. > Even though you are using Session it is detected as a cookie (because thats > what it is :). > He probably selected to block it. > Tell him to look on the status bar at the bottom (view->statusbar if not > already up). > If it has an eye with a red mark on it then he blocked cookies from you. > Double click the eye and select always allow. > -Tim > > -----Original Message----- > From: Billy Ng [mailto:[EMAIL PROTECTED] > Sent: Tuesday, June 03, 2003 1:15 PM > To: Struts Users Mailing List > Subject: Re: IE 6 timeout session > > > It does not care the timeout in the server.xml. After the guy logged in to > the app, he would be returned to the login page if he clicked on anything. > This means his session expired or the session is null. It only happens on > the IE 6 SP-1. > > Billy Ng > > ----- Original Message ----- > From: "Chen, Gin" <[EMAIL PROTECTED]> > To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]> > Sent: Tuesday, June 03, 2003 10:07 AM > Subject: RE: IE 6 timeout session > > > > default timeout is 30 mins. > > are you sure its ie 6 or just him running into the default? > > -Tim > > > > -----Original Message----- > > From: Billy Ng [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, June 03, 2003 1:06 PM > > To: Struts Users Mailing List > > Subject: IE 6 timeout session > > > > > > Hi folks; > > > > I have a customer complains the IE 6 sp1 times out the session after he > is > > logged in the app. I tried to reproduce it but I can't. Have anybody > > experienced this? > > > > Billy Ng > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
