Loading ...
Sorry, an error occurred while loading the content.

Tomcat, Java Servlets and Session IDs

Expand Messages
  • Tilman Hausherr
    I m doing a course about tomcat, java servets, and JSP. Today we did session-ids. Very interesting for me, because I ve been on the client side for so long and
    Message 1 of 2 , Dec 15, 2005
    • 0 Attachment
      I'm doing a course about tomcat, java servets, and JSP. Today we did
      session-ids. Very interesting for me, because I've been on the client
      side for so long and now I'm learning some of what happens on the server
      side :)

      1) The teacher had initially said that session-ids would work for the
      servlet regardless if cookies were enabled or not. However, when I
      disabled cookies, the session-ids no longer worked properly. The teacher
      suggested to handle this by redirecting the URL to one with the session
      id. However, I wonder if there is indeed an automatic method?

      2) As Xenu author, I have often had questions from users who were
      annoyed that their server set up new session-id's for every URL. Is
      there any servlet author who has managed to recognize that all Xenu
      requests came from the same user, without having to activate the
      cookies? I could put this solution (if there is one) up on the xenu
      website.

      Tilman
    • Stephen Gazard
      tilman, sometimes it s as simple as prepending the session id to each url. For example, /index.php/ would become /index.php?PHP_SESSID=yadayadayada/. normally
      Message 2 of 2 , Dec 19, 2005
      • 0 Attachment
        tilman, sometimes it's as simple as prepending the session id to each url.

        For example, /index.php/ would become
        /index.php?PHP_SESSID=yadayadayada/. normally that's done via a set of
        regular expressions. the harder one becomes getting all onclick events
        to get replaced, and forms to keep the session ID.

        I've not worked with Java or JSP, or tomcat; more with PHP
        Stephen

        gazard.com <http://www.gazard.com/>
        faith <http://www.gazard.com/structure/index.php?section=faith> family
        <http://www.gazard.com/structure/index.php?section=family> forwards
        <http://www.gazard.com/structure/index.php?section=forwards> photos
        <http://www.gazard.com/structure/index.php?section=photos>



        Tilman Hausherr typed the following whilst thumping at a keyboard on
        15/12/2005 18:04:
        > I'm doing a course about tomcat, java servets, and JSP. Today we did
        > session-ids. Very interesting for me, because I've been on the client
        > side for so long and now I'm learning some of what happens on the server
        > side :)
        >
        > 1) The teacher had initially said that session-ids would work for the
        > servlet regardless if cookies were enabled or not. However, when I
        > disabled cookies, the session-ids no longer worked properly. The teacher
        > suggested to handle this by redirecting the URL to one with the session
        > id. However, I wonder if there is indeed an automatic method?
        >
        > 2) As Xenu author, I have often had questions from users who were
        > annoyed that their server set up new session-id's for every URL. Is
        > there any servlet author who has managed to recognize that all Xenu
        > requests came from the same user, without having to activate the
        > cookies? I could put this solution (if there is one) up on the xenu
        > website.
        >
        > Tilman
        >
        >
        >
        >
        >
        >
        >
        > Yahoo! Groups Links
        >
        >
        >
        >
        >
        >
        >
        >
        >
      Your message has been successfully submitted and would be delivered to recipients shortly.