Hi all!
I don't know is it a bug in Turbine, in Tomcat or somewhere else, but
there is something wrong with session tracking when cookies are
disabled.
As much as I have understood, when the first request from a client comes
to Turbine, it redirects the browser to some "start" screen (login
screen by default). It does this to check if the browser supports
cookies: the session information is stored in two places: URL
(querystring) and cookies. Now, if cookies are not enabled, the browser
won't return the cookie and Turbine will use URL rewriting to track the
session. Correct?
This is also the behavior that is observable on the example jyve system
(http://java.apache.org/jyve-faq/Turbine).
However, when I try to replicate the same thing on my tomcat (3.1 beta)
and turbine, I get an infinite redirect exception because no sessionID
is appended to the redirection URL and the browser is redirected twice:
first to the login screen and then again to the login screen.
As much as I understand, the sessionID should be appended to the URL
already during the first redirect?
But who is responsible for doing that? DynamicURI or servlet engine? Is
suspect that servlet engine should handle it transparently, but somehow
it doesn't work in my case. Is there some configuration option in Tomcat
that I have to enable?
Any help appreciated,
Neeme
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
