Hi All, We are using HttpSession API for session management. (i.e) request.getSession( ) etc., etc., Now, the question is 1. How is the session managed? Is it through the cookies? 2. In WebSphere under Services->Session Manager Service we have the options of choosing Cookies or URL-rewriting for session Management. Say, If I choose both, then if the client disables the cookies in the browser will it still work? Please clarify these queries ASAP. Thanks & Regards, Nijeesh.
Cookies or URL-rewriting for session Management is transparent to developer and user in J2EE. If browser is disable cookie,then URL-rewriting will be used,but one time only one is be used,not both. Any wrong with my opinion?
From the API:
For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.