Re: [OT] Sharing session with manual jsessionid

Fri, 24 Jun 2005 07:46:58 -0700

I commiserate. Only last week I tried to override the cookie header for an AJAX request using setRequestHeader. It didn't work :( 

Allistair Crossley wrote:
Thanks for the info. I have been trying with ; but to no avail, so it must be the case (and it will be) that the parent page's session id is already a cookie AND I am passing it as a URL, so the cookie is winning. 
Since the XML requests are generated by JavaScript client-side objects, there 
is little scope for tampering with headers but I can look at the other JSP end 
to see if I can do anything I suppose.

Thanks again.



-----Original Message-----
From: Jon Wingfield [mailto:[EMAIL PROTECTED]
Sent: 24 June 2005 15:13
To: Tomcat Users List
Subject: Re: [OT] Sharing session with manual jsessionid
The jsessionid would have to be a path parameter not a url parameter (append prefixed with a semi-colon rather than a question mark).
There was a thread last week called "isRequestedSessionIdFromURL() returns false" which discussed what happens when the id is both in the url and a cookie: the cookie wins. You'll have to make sure the xml requests don't have the cookie header. (It sounds like that is the case as a new session is generated.) 

HTH,

Jon

Allistair Crossley wrote:


Hi,
We are using embedded XML requests within out browser and I
would like to share information through 1 session since these XML requests create new requests with their own sessions.
I am obtaining the outer session with session.getId and
manually adding jsessionid=<%= session.getId() %> to the XML requests in the hope that the jsessionid will override the presence of cookies in the internal JSP that the XML request hits.
However, it does not, and the internal JSP generates 

another session id.


I don't think this can be helped can it?

Cheers, Allistair
<FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE> ------------------------------------------------------- 
QAS Ltd.
Registered in England: No 2582055
Registered in Australia: No 082 851 474
-------------------------------------------------------
</FONT>






---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to