File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Question about URL rewriting Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Question about URL rewriting" Watch "Question about URL rewriting" New topic
Author

Question about URL rewriting

alzamabar
Ranch Hand

Joined: Jul 24, 2002
Posts: 379
When cookies are disabled, does the Container *always* append the session ID (doesn't matter if new or old) to the response? I'm reading HF, and I know that I can use response.encodeURL("/myResource.do").

My scenario, is as follows (imagining it with cookies disabled):

Request -> ServletA -> Business Delegate -> Model (get Data) -> ServletA (with data) -> set data as session attributes -> RequestDispatcher.forward() to a JSP page, which displays data

My question is: will the JSP have the session ID when the response will be sent? Does the container append the session ID at the end of the response? If the session ID is available, is it enough for me to create all the URLs with <c:url> to have the session ID automatically appended?

If I haven't got any URLs (let's say I have got a form with POST method), shall I append the session ID to the 'action' attribute of the form element? If so, how can I do it? The problem here in my scenario is that potentially all the servlets don't write directly to the response, so these can't use response.encodeURL(), but at the same time I'd like my application to be as much popular as possible.

Thanks,
[ October 18, 2004: Message edited by: Marco Tedone ]

Marco Tedone<br />SCJP1.4,SCJP5,SCBCD,SCWCD
Sami Sayeed
Ranch Hand

Joined: Oct 05, 2004
Posts: 39
Hi,
I dont see any problem with your application, just wherever the urls are being written to the response ,wrap them using response.encodeURL or use c:url tag.

if you have a form ,encolse the action attribute value using either of the one.
hope this helps
alzamabar
Ranch Hand

Joined: Jul 24, 2002
Posts: 379
I'm still having problems with URL rewriting. I'm using IE6, and disabled completely Cookies (as a matter of fact, when I accessed this site, although I've logged in, the system kept telling me that I had to log in...maybe a bug? ) )

However, I disabled cookies because I wanted to try URL rewriting. However, when I print the content of the request header I get the following:

2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Is the session new?:false
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Session id:31E5350DD4691BEA17C54D4CF66331D1
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Is the session id from cookies?:true
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:acceptvalue:image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:referervalue:http://localhost:8585/Beer-v1/RequestResponse.do;jsessionid=31E5350DD4691BEA17C54D4CF66331D12004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:accept-languagevalue:en-gb
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:content-typevalue:application/x-www-form-urlencoded
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:accept-encodingvalue:gzip, deflate
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:user-agentvalue:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:hostvalue:localhost:8585
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:content-lengthvalue:0
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:connectionvalue:Keep-Alive
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:cache-controlvalue:no-cache
2004-10-19 20:57:33 StandardContext[/Beer-v1]SecondRequest: Header:cookievalue:JSESSIONID=31E5350DD4691BEA17C54D4CF66331D1


As you can see the cookie with the JSESSIONID has been put in the request header.
[ October 19, 2004: Message edited by: Marco Tedone ]
Joe McIntyre
Ranch Hand

Joined: Nov 20, 2003
Posts: 121
I don't completely understand your question, but could it have something to do with the fact that the container attempts to use both cookies and URL rewriting at first... subsequently defaulting to cookies if they work and URL rewriting if cookies don't work?
Mary Wallace
Ranch Hand

Joined: Aug 25, 2003
Posts: 138
Take view source of the page and see whether the session id is getting passed.
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
Have you tried remove the cookie from your file system as well, instead of just disabling it in IE?

Nick


SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
alzamabar
Ranch Hand

Joined: Jul 24, 2002
Posts: 379
Yes. Actually I deleted all cookies but the session id doesn't get passed and the browser still uses cookies.
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982

Yes. Actually I deleted all cookies but the session id doesn't get passed and the browser still uses cookies.



How can this be possible?!~~~ When does the cookie info come from then, if the cookies are all destroyed!!!

Have you checked whether there are other cookies files???

Nick
Bryan Basham
author
Ranch Hand

Joined: Apr 30, 2001
Posts: 199
Hi Marco,

It is important to recongize *all* URLs in the HTML that your JSPs generate and encode all of these using the c:url JSTL tag. Off the top of my head, these are the most important URL "locations:"







There are other URL locations, such as links that load CSS or JavaScript files into the browser, but these three are the biggies.

The issues you are seeing with IE (passing cookies after you turned them off) could very well be an IE bug. Wouldn't be the first time.

-Bryan
alzamabar
Ranch Hand

Joined: Jul 24, 2002
Posts: 379
Originally posted by Bryan Basham:
Hi Marco,

It is important to recongize *all* URLs in the HTML that your JSPs generate and encode all of these using the c:url JSTL tag. Off the top of my head, these are the most important URL "locations:"







There are other URL locations, such as links that load CSS or JavaScript files into the browser, but these three are the biggies.

The issues you are seeing with IE (passing cookies after you turned them off) could very well be an IE bug. Wouldn't be the first time.

-Bryan


For actions I've used:

<c:url var="actionUrl" value="myAction.do" />

<form action='<c ut value="${actionUrl}" />' method="post" />
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Question about URL rewriting