on 5/17/2000 8:52 AM, Neeme Praks <[EMAIL PROTECTED]> wrote:
> Hi all!
>
> I don't know is it a bug in Turbine, in Tomcat or somewhere else, but
> there is something wrong with session tracking when cookies are
> disabled.
I haven't tested this with Tomcat, but I have with JServ and it works...so
it is probably a bug there.
> As much as I have understood, when the first request from a client comes
> to Turbine, it redirects the browser to some "start" screen (login
> screen by default). It does this to check if the browser supports
> cookies: the session information is stored in two places: URL
> (querystring) and cookies. Now, if cookies are not enabled, the browser
> won't return the cookie and Turbine will use URL rewriting to track the
> session. Correct?
If you use DynamicURI to build your URL's, yes. DynamicURI is just a wrapper
around res.encodeUrl() which you can also use.
> This is also the behavior that is observable on the example jyve system
> (http://java.apache.org/jyve-faq/Turbine).
right.
> However, when I try to replicate the same thing on my tomcat (3.1 beta)
> and turbine, I get an infinite redirect exception because no sessionID
> is appended to the redirection URL and the browser is redirected twice:
> first to the login screen and then again to the login screen.
probably a tomcat problem.
> As much as I understand, the sessionID should be appended to the URL
> already during the first redirect?
> But who is responsible for doing that? DynamicURI or servlet engine? Is
> suspect that servlet engine should handle it transparently, but somehow
> it doesn't work in my case. Is there some configuration option in Tomcat
> that I have to enable?
The servlet engine. As I said, DynamicURI just wraps around res.encodeUrl().
-jon
--
Java Servlet Based - Open Source | Collab.Net
Bug/Issue Tracking System | now hiring smart people
<http://scarab.tigris.org/> | <http://Collab.Net/jobs/>
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
