I'm not sure about that. Here's what seems to me to be the sequence
of events:
Browser sends initial request http://myapp.com
Tomcat creates session and generates page for this request.
Tomcat doesn't know that Browser supports cookies, so it
should append jsessionid (but doesn't ??)
Browser get's Tomcat response & display's page with address: http://myapp.com
Browser creates JSESSIONID cookie (using info supplied by Tomcat in
response):
Cookie has contents: 4E4F86E5B779F43BCA7895B8A554FDCD
-----
Browser makes 2nd request, for http://myapp/anotherPage. Browser
must definitely by now be stating that it supports cookies.
Tomcat prepares response, adding jsessionid (why?), the SAME
jsessionid as in the cookie: 4E4F86E5B779F43BCA7895B8A554FDCD
Browser displays response with jsessionid showing in address bar.
----
More interactions, but no more jsessionid's.....
On Jan 4, 2010, at 4:11 PM, Mark Thomas wrote:
On 04/01/2010 20:52, Ken Bowen wrote:
I'm seeing what I think is odd behavior regarding jsessionid's.
[My setup(s): Tomcat 6.0.20 on a MacBook Pro using Java 1.6.0_17,
Tomcat 6.0.18 on CentOS 5 using Java 1.6.0_12 ]
I'm seeing the same behavior on both systems, and the same
behavior happens with Safari and FF. Both browsers have cookies
turned on.
I have cookies="true" in context.xml in the app's META_INF.
The Behavior:
I Clear Recent History in FF, which includes clearing cookies,
and request http://myapp.com/ I connect and the address bar
shows:
http://myapp.com/
Moreover, a JESSIONID cookie shows in FF's list of cookies.
I make a request for another page in the app and the address bar
shows:
http://myapp.com/anotherPage;jsessionid=9612C2CAA30DE590AA7A5FDB046DA4F9
Just a guess - I haven't looked at the source code to be sure.
At the point where the page was generated, Tomcat doesn't know that
the
client supports cookies since at that point the client hasn't sent a
request with a JSESSIONID cookie so any urls generated will have the
session ID appended.
Once a cookie is received, Tomcat knows there is no need to include
the
session ID in the URL.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org