Hi Mike, At 28.01.2002 11:05, you wrote: >No, that's not exactly correct. Tomcat performs URL rewriting in its default >configuration. So sessions are not 'only' possible if cookies are enabled. > >As a first line of defense, your JSP/servlets should be using the encodeURL >or encodeRedirectURL methods to ensure that any user that has cookies >disabled can use your application.
Ah..., this sems to be the problem. I have proted an older Web Application from JRun to Tomcat 4.0.1. When I turned of cookie support in my browser, a session was created on TOMCAT but my app allways falls back to the logon screen. I'll have a look at the code of my servlets and JSP's. Many thanks! Thomas -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
