Loading ...
Sorry, an error occurred while loading the content.

Re: [xenu-usergroup] Tomcat, Java Servlets and Session IDs

Expand Messages
  • Stephen Gazard
    tilman, sometimes it s as simple as prepending the session id to each url. For example, /index.php/ would become /index.php?PHP_SESSID=yadayadayada/. normally
    Message 1 of 2 , Dec 19, 2005
    • 0 Attachment
      tilman, sometimes it's as simple as prepending the session id to each url.

      For example, /index.php/ would become
      /index.php?PHP_SESSID=yadayadayada/. normally that's done via a set of
      regular expressions. the harder one becomes getting all onclick events
      to get replaced, and forms to keep the session ID.

      I've not worked with Java or JSP, or tomcat; more with PHP
      Stephen

      gazard.com <http://www.gazard.com/>
      faith <http://www.gazard.com/structure/index.php?section=faith> family
      <http://www.gazard.com/structure/index.php?section=family> forwards
      <http://www.gazard.com/structure/index.php?section=forwards> photos
      <http://www.gazard.com/structure/index.php?section=photos>



      Tilman Hausherr typed the following whilst thumping at a keyboard on
      15/12/2005 18:04:
      > I'm doing a course about tomcat, java servets, and JSP. Today we did
      > session-ids. Very interesting for me, because I've been on the client
      > side for so long and now I'm learning some of what happens on the server
      > side :)
      >
      > 1) The teacher had initially said that session-ids would work for the
      > servlet regardless if cookies were enabled or not. However, when I
      > disabled cookies, the session-ids no longer worked properly. The teacher
      > suggested to handle this by redirecting the URL to one with the session
      > id. However, I wonder if there is indeed an automatic method?
      >
      > 2) As Xenu author, I have often had questions from users who were
      > annoyed that their server set up new session-id's for every URL. Is
      > there any servlet author who has managed to recognize that all Xenu
      > requests came from the same user, without having to activate the
      > cookies? I could put this solution (if there is one) up on the xenu
      > website.
      >
      > Tilman
      >
      >
      >
      >
      >
      >
      >
      > Yahoo! Groups Links
      >
      >
      >
      >
      >
      >
      >
      >
      >
    Your message has been successfully submitted and would be delivered to recipients shortly.