This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
J2ee has a very good feature which is we can get the session easily under the care of the J2ee, for example, request.getSession() will do the thing for me. but could we use the same mechanism but provide our own session id? because i don't know how J2ee encrypt the session so probably i will want to provide my own session id but i don't want to create a new mechanism to retrieve it because it has been done nicely in J2ee (has mentioned above).
Bear Bibeault wrote:I'm not understanding why you would want to do this. I'd recommend just using the session as is.
It could be due to customer's requirement, since they have their own encryption and maybe they do not want to show the key text as "jsessionId" (i cannot remember the term, something like jxxxxxx) in the client's cookie file. and blah blah blah....