-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Nelson,
Nelson D. guerrero wrote:
>> Are you using cookies or URL-rewriting in order to track sessions?
> No, the developers are using cookies or URL-rewriting, is this the
> only way that the sessions can replicate between them?
Assuming that Tomcat is managing your sessions (there aren't too many
good reasons to manage your own sessions), then Tomcat uses either
cookies or URL rewriting to maintain sessions between requests.
By default, Tomcat attempts to use cookies, but if cookies are not
supported by the client (the browser), then it resorts to URL rewriting.
> I'm thinking on passing them this piece of code:
>
> ((HttpServletResponse)response).addCookie(new
> Cookie("JSESSIONID",session.getId()));
>
> That will surely help.
Probably not: Tomcat should do this for you already.
Usually, sessions get lost because Tomcat has had to resort to URL
rewriting, but the application has not been written with this in mind.
For instance, every single URL that you generate ought to go through
request.encodeURL to make sure that the session id is properly added if
necessary. If you don't do this, then you'll end up creating a new
session when you use that (session-less) link.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGCtdd9CaO5/Lv0PARAmbxAKCqWzIxQKLz38z0xIVXXFpE2cWBLwCeLqaU
ezD9gy8vmCGlyoyfWAk5bE8=
=DfrI
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
