• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

session & cookie

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I've the following situation:
1) the browser requests a JSP page for the first time
2) the JSP sets some session variables and then makes an HTTP request to the same webapp,
URLConnection connection = url.openConnection();
...
connection.setRequestProperty("Cookie", cookie);
where cookie is something like "JSESSIONID=" + session.getId()
3) the request made by the JSP "should" be handled in the same session.
This is true for Tomcat 4.X but it doesn't work for WebSphere 5.0
I think that my code is OK.
Any idea??
Thanks in advance,
Andrea
 
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Andrea,
Not quite sure about WebSphere, but it may be that it is set to only track sessions through URL rewriting.
Best,
Boris
 
Sheriff
Posts: 4313
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You shouldn't be adding the cookie yourself. Use HttpServletResponse.encodeURL(String) -- it will add JSESSIONID to the URL if necessary (like if cookies are turned off) -- otherwise -- the appserver will take care of adding the JSESSIONID cookie for you.
By explicitly setting the cookie -- you might be goofing up some random proprietary thing that Weblogic does and thus its unable to figure out that you're still in the same session.
 
Andrea Giovannini
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Jessica Sant:
You shouldn't be adding the cookie yourself. Use HttpServletResponse.encodeURL(String) -- ...


The problem is that the cookie is not set in the browser yet because this is the very first request!! Otherwise we could use something like:
connection.setRequestProperty("Cookie",request.getHeader("cookie"));
Any other suggestion?? Please ...
Thanks in advance!!
 
Jessica Sant
Sheriff
Posts: 4313
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I must not be following you correctly...
On the first request to a page in a web-application, and if its a JSP, as long as you don't have <%@ page session="false" %>, a new session will be created for that user (basically equivalent to HttpSession session = request.getSession(true); ). If the user has cookies enabled, one will automatically be placed by your app-server so that on subsequent requests -- the same session is used. You don't have to explicitly do anything with cookies in order to get the session stuff to work.
If cookies are not enabled by the user -- you need to make sure you encode each URL with the above API so that the session information can be tracked that way.
Maybe if you post some code and a discription of what your seeing?
[ March 21, 2003: Message edited by: Jessica Sant ]
 
Andrea Giovannini
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Jessica Sant:
I must not be following you correctly...
...If the user has cookies enabled, one will automatically be placed by your app-server so that on subsequent requests -- the same session is used. You don't have to explicitly do anything with cookies in order to get the session stuff to work....
[ March 21, 2003: Message edited by: Jessica Sant ]


This is true if the request comes from the browser but I have a request from the server itself, i.e.
- the browser asks for a page
- a custom tag in the page needs some info for the rendering phase so it asks for this info to a servlet
This request is made with URLConnection setting the cookie with its method setRequestProperty(), otherwise the servlet has no way to see the same session of the client. I can't see any other way but it doesn't work with WAS5 because of its custom cookie format ...
Bye,
Andrea
 
It's fun to be me, and still legal in 9 states! Wanna see my tiny ad?
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic