I hope that this is the right list to post this to. If not, apologies.
I'm having a problem with session information getting lost when Tomcat
redirects from a request to a folder, to the underlying resource (eg
../folder/index.jsp) when URLs are encoded with the session ID.
This might be a problem for sites that are encoding all URLs (using
response.encodeURL() and response.encodeRedirectURL()) when the browser
has cookies turned off, or the browser doesn't support cookies.
Here is an example of what happens:
Servlet redirects to "/folder1/" using the following code:
String page = response.encodeRedirectURL("/folder1/");
response.sendRedirect(page);
OR jsp page provides a link to "/folder1/" by rewriting the URL
<a href="<c:url value='/folder1/'>">Folder 1</a>
When tomcat receives the request for "/folder1/", it *appears* to redirect
to "/folder1/index.jsp", but DOES NOT rewrite the URL.
When you end up in the "/folder1/index.jsp" page, the original session is
lost.
I know that a work-around is to specify the resource (ie index.jsp) rather
than the enclosing folder, but this may not be suitable in all cases.
Does this seem like a bug, and is anyone else able to confirm it?
Thanks
John Sidney-Woollett
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
