Session tracking with URL rewriting

Hi

I am trying to work with session tracking by disabling cookie and using URL rewriting but nothing seems to be work as expected.

please see the code below

Servlet code:
public class SessionServlet extends HttpServlet { /** * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods. * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); HttpSession session = request.getSession(); session.setAttribute("sessionAttr", "Set in a session"); out.println("<a + response.encodeURL("jsps/sessionJsp1.jsp\"") + "\\ rel="nofollow">click me</a>"); } // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code."> /** * Handles the HTTP <code>GET</code> method. * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { processRequest(request, response); } /** * Handles the HTTP <code>POST</code> method. * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { processRequest(request, response); } /** * Returns a short description of the servlet. * @return a String containing servlet description */ @Override public String getServletInfo() { return "Short description"; }// </editor-fold> }


jsp inside the folder jsps:
<%@page contentType="text/html" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>JSP Page</title> </head> <body> <%= session.isNew() %> Session Attribute : ${sessionScope.sessionAttr} </body> </html>

So when i click the link on the servlet it always shows true in the jsp.

Why the URL rewriting is not working in this case?

The corrected version of line 16 is

out.println("<a href=\"" + response.encodeURL("jsps/sessionJsp1.jsp\"") + "\\>click me</a>");

out.println("<a href=\"" + response.encodeURL("jsps/sessionJsp1.jsp\"") + ">click me</a>");

Why are you sending the " inside the encodeURL method?? Try this
out.println("<a href=\"" + response.encodeURL("jsps/sessionJsp1.jsp") + "\">click me</a>");
Also, when you post some HTML code in the code tags, select the "Disable HTML in this message" checkbox, that way your HTML won't get screwed up...

Thanks Ankit...

A little double qoute solved the problem.

I found this from Head First WCD book

URL rewriting adds the session ID to the end of all the URLs in the
HTML that you write to the response.

this is my jsp
<%@ page language="java" session="false" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Insert title here</title> </head> <body> Hello <form action="URL"> Name <input type="text" name="name" ></br> Password <input type="password" name="password" ></br> <input type="submit" value="submit" > </form> </body> </html>

this is my servlet
package com.example; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class URL extends HttpServlet { private static final long serialVersionUID = 1L; protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); HttpSession session = request.getSession(); session.setAttribute("sessionAttr", "Set in a session"); out.println("<a href=\"" + response.encodeURL("jsps/sessionJsp1.jsp") + "\">click me</a>"); //out.println("<a href=\"jsps/sessionJsp1.jsp>click me</a>"); } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub } }

this is sessionJsp.jsp
[code]
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<%= session.isNew() %>
Session Attribute : ${sessionScope.sessionAttr}
</body>
</html>
[code]

i can't see anywhere that it adds session ID to the end of url?

I found this from Head First WCD book

Wow, a new book of the Head First series is available (just kidding, I think you are talking about Head First Servlets and JSP).

i can't see anywhere that it adds session ID to the end of url?

Did you check the output of the URL servlet in the browser, the link that it generates (which is by the way wrong as there is no wrapping <html> and <body> tag) must have the session ID appended to it...

Make sure you disable cookies in your browser.

In IE8 even after disabling cookies i can not see the session id appended at the URL and upon seeing the request monitor in Netbeans the cookie is sent by the client.I am not sure how IE8 accepts cookies even after i disable it.

But it works perfectly fine with mozilla.

Let me know if you still have problem.