Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

response does not save session id in cookie if it is from url

 
zheng li
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i am using tomcat.
if i use jsessionid=617AA28660D5C1B1408543C24B186A75 in url to send session id to server, response does not put it in cookie, so if redirect happens, a completely new session will be created.

is it a bug or http specification?
i can't find anything about it in rfc though.

or is there any configuration about it in tomcat?
 
Vijitha Kumara
Bartender
Posts: 3913
9
Chrome Fedora Hibernate
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you saying that you manage the "jsessionid" within your code? Then don't, it's up to the container.
 
zheng li
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i am not manage jsessionid myself.
just that i found this problem and don't understand why.

it seems that the two way of managing session id can not coexist.
 
Mohamed Sanaulla
Saloon Keeper
Posts: 3159
33
Google App Engine Java Ruby
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
zheng li wrote:i am not manage jsessionid myself.
just that i found this problem and don't understand why.

it seems that the two way of managing session id can not coexist.


Is it not that either URL Rewriting or Cookies are used for session management?
 
zheng li
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
mohammed sanaullah wrote:
zheng li wrote:i am not manage jsessionid myself.
just that i found this problem and don't understand why.

it seems that the two way of managing session id can not coexist.


Is it not that either URL Rewriting or Cookies are used for session management?


yes, you are right.
thank you.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You don't send the session id to the server. Let Tomcat create them for you.
If there is a session id in the URL and Tomcat can't match it up to an existing session in memory, it just assumes that it is expired and ignores it.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic