aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Container tracking sessions Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Container tracking sessions" Watch "Container tracking sessions" New topic
Author

Container tracking sessions

Roy Pozarelli
Ranch Hand

Joined: Oct 17, 2009
Posts: 39
I ran across a question in a practice test: "How can you make sure that the container tracks sessions for you web application using SSL?"

With the correct answer as:
Add the following to the web.xml:
session-config>
<tracking-mode>SSL</tracking-mode>
</session-config>

However, another of the responses could have been:
Add the following to the web.xml:
<session-config>
<cookie-config><secure>true</secure></cookie-config>
<tracking-mode>cookie</tracking-mode>
</session-config>

I'm not sure why the second one is wrong. Any ideas?


OCP Java SE 6 Programmer,
OCM Java SE 6 Developer
OCE Web Components
OCE JPA 6
OCE EJB 6
MySQL Certified Administrator & Developer,
OMG Certified UML Prof. Fund., Int., Adv.
doron vett
Greenhorn

Joined: Nov 27, 2012
Posts: 1
There are many companies interested in our track consumer behavior. Recently it was revealed that Apple and Android track the GPS locations of users in some versions of the operating system. There are vehicles which are installed in gps car tracking to always be possible to know what their position, not only in the case of auto theft. There are special applications for container tracking and container tracking , useful for monitoring the location of all devices
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1675
    
  25

Hi Doron Vett,

Interesting question and to be honest: I didn't know that the <tracking-mode> element existed. I had a quick look what the Servlet 3.0 specs say about it and I couldn't find anything apart from the element in the xsd itself.

This is what the specs say about SSL and session tracking:
7.1.2 SSL Sessions
Secure Sockets Layer, the encryption technology used in the HTTPS protocol, has a built-in mechanism allowing multiple requests from a client to be unambiguously identified as being part of a session. A servlet container can easily use this data to define a session.


So I guess the tracking mode element is not always needed...

Regards,
Frits
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Container tracking sessions