What difference does it make what the sessionid is? the session will still expire, so if you need to keep track of data by ip address instead of sessions, store it in a database. You can always store the ipaddress in the session and retrieve it just as you sould retrieve the session id.
The use of jsessionid is part of the spec and isn't likely to change. Session id's are also made to be unique so that multiple people can use different sessions from through the same proxy. Charlie > -----Original Message----- > From: Jose Miguel Guzman Cassanello [mailto:[EMAIL PROTECTED]] > Sent: Thursday, November 21, 2002 7:32 AM > To: Tomcat Users List > Subject: Re: Session Tracking based on the Client's IP > > > But, How can I change the SessionID, for using the Client IP > as the Index? > The getSession() method retrieves the Session for the client, > based on the > SessionID (that normally is based in Cookies or re-writed URLs) > What I need is a way to "force" the SessionID to different value, for > example, the Client IP. > > Probably the best way, is simply define a Hashtable as a > Context Atributte, > in order to store client status information indexed by the > Client IP, and > don't use the Session Tracking API. > > -JM > > ----- Original Message ----- > From: "vivek baliga" <[EMAIL PROTECTED]> > To: "Tomcat Users List" <[EMAIL PROTECTED]> > Sent: Thursday, November 21, 2002 9:01 AM > Subject: Re: Session Tracking based on the Client's IP > > > > Hi , > > request.getRemoteAddr() will give u the IP > > Put time with session and compare when there is new request > > jabs > > > > > > > > ----- Original Message ----- > > From: "Power-Netz (Schwarz)" <[EMAIL PROTECTED]> > > To: "Tomcat Users List" <[EMAIL PROTECTED]> > > Sent: Thursday, November 21, 2002 3:33 PM > > Subject: AW: Session Tracking based on the Client's IP > > > > > > > > would have to punch in the code for verification, that > would definetly > > > > defeat any script but is less convenient for the user. > I would prefer > to > > > > dynamically identify any individual user who uses my > service more > > > > than say > > > > 10-15 times in a minute and ban him for an hour or so. > > > > > > Set a cookie and ask for it :-) > > > > > > -- > > > To unsubscribe, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > For additional commands, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > > > > > > > -- > > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
