• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

encodeURL and cookie

 
Ranch Hand
Posts: 162
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If I use "encodeURL" the server will first check if the browser supports cookie. if yes, the URL remains unchanged; otherwise a "jsessionid=.." will be appended to the URL. I know this well.

Now the question is --

1. How can I let server NOT to use cookie (no matter cookie is ON or OFF on the browser) ? Can I do things like appending a jseesionid by myself

url = originalURL + "/jsessionid=" + session.getID();

Does this force the server NOT to get jsessionid from cookie (even the cookie is supported by client browser) ?

2. if I keep using "encodeURL", is there a way to "configure" the server to let server NOT use cookie (i.e never store jsessionid in cookie, instead put in URL)? I knnow by theory if you use "encodeURL" server first checks cookie and goes from there. I just wanna to see if developer can interfere with that.

thanks
 
Ranch Hand
Posts: 429
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't know if you can disable cookies from the server, but I know that you can't append the URL encoded portion yourself because what that looks like is container-dependant (at least according to HFS&J). If you really wanted to you could disable sessions all together and implement your own sessions using a sessionId request parameter and the ServletContext. This wouldn't work if your web-app is distributed though, unless you use EJBs or something for session data (uggghhhh!).

-Yuriy
[ July 11, 2005: Message edited by: Yuriy Zilbergleyt ]
 
reply
    Bookmark Topic Watch Topic
  • New Topic