| Author |
ActionForward inserts jsessionid
|
John Coleman
Ranch Hand
Joined: Jul 24, 2001
Posts: 65
|
|
In the following example I wish struts to redirect to an external web site, it tries to do this, accept that it inserts the ;jsessionid=xxx before the query string.
This messes up the asp!!
How can I do a request to an external site and not have struts interfere with the URL?
TIA
John
if (hostel.startsWith(" ")) {
String link = "http://www.xyz.com/ibnpub/";
link +=
GlobalFunctions.getResource(getServlet().getServletContext(), jaloSession.getSessionContext().getLanguage().getIsoCode(), "link.hostelbooking.country");
link += "/static/xxx.asp?id=";
link += hostel.substring(1, hostel.length());
Object object = getAttribute(session, "AffiliateID");
if (object !=null && !object.toString().equals("")) {
link += "&AffiliateID=" + object.toString();
}
System.out.println("link=" + link);
return new RedirectingActionForward(link);
}
|
John Coleman, MSTA<br />Sun Certified Programmer for the Java� 2 Platform<br />john.coleman@eurobase-international.com<br />Eurobase banking solutions<br /><a href="http://www.eurobase-international.com/banking" target="_blank" rel="nofollow">http://www.eurobase-international.com/banking</a>
|
 |
Peter den Haan
author
Ranch Hand
Joined: Apr 20, 2000
Posts: 3252
|
|
Struts isn't interfering with the URL. It's your application server. Struts merely uses HttpServletResponse.encodeRedirectURL() before redirection, as a good J2EE citizen should. The app server clearly thinks that cookies aren't going to be enough to communicate your session ID to the server you're redirecting to.
Easiest solution is to take charge directly. Your action has access to the response, so you can just do the redirection yourself and return null by way of ActionForward to tell Struts it doesn't have to do anything anymore.
- Peter
[ October 11, 2003: Message edited by: Peter den Haan ]
|
|
John Coleman
Ranch Hand
Joined: Jul 24, 2001
Posts: 65
|
|
Thanks Peter,
One of my associates suggested this, and here is the resulting code:
response.sendRedirect(link);
return null;
I would still like to know how to suppress the jsessionID problem.
|
|
Peter den Haan
author
Ranch Hand
Joined: Apr 20, 2000
Posts: 3252
|
|
Originally posted by John Coleman:
I would still like to know how to suppress the jsessionID problem.
? You know now. There is no other way -- every alternative boils down to what you've just done.
- Peter
|
|
John Coleman
Ranch Hand
Joined: Jul 24, 2001
Posts: 65
|
|
Sorry, maybe I didn't make it clear that I still didn't like the server bunging jsessionid into my link when using the struts return ActionForward! I believe it should be possible to set this feature off somewhere inside the struts code and force the URL given to be used exactly as stated.
It's considerate to put the salt pot on the table and not put salt on someones food on their behalf and spoil their meal. What use would the jsessionid be to a potential server on another host be anyway, surely this is a security risk?
I am using OC4J BTW.
thanks, the solution works nicely - I'll let you know when I have rewritted OC4J and struts to fix this issue 
|
|
Peter den Haan
author
Ranch Hand
Joined: Apr 20, 2000
Posts: 3252
|
|
Originally posted by John Coleman:
[...] I believe it should be possible to set this feature off somewhere inside the struts code and force the URL given to be used exactly as stated.
Well, there's not in the version I checked (1.1b2, so it was not the latest) -- I actually checked the source before answering you:Unconditional, as you see. It might have been changed since; download the source and check the processForwardConfig method in ...struts.action.RequestProcessor.
- Peter
|
|
 |
I agree. Here's the link: jrebel
|
|
subject: ActionForward inserts jsessionid
|
|
|
0
