• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Rob Spoor
  • Bear Bibeault
Saloon Keepers:
  • Jesse Silverman
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Al Hobbs
  • salvin francis

Authenticated user session without cookies- How to implement?

 
Ranch Hand
Posts: 45
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,
In my application, I have made changes to context.xml of my Tomcat server to disable cookies, as I was having wrong session data comming up in my popup window. But after making the changes , I am assuming my user session gets destroyed. I understand I should use URL encoding or some technique to retain user logged in across the pages. But I dont know the right way of doing it. I am new to jsp servlet applications and I am using Spring MVC framework to develop my application. I am learning everything and building my application. Please give your inputs on what is the best way of mainting user session across the pages and also have it secured.



Thank you,
Kavitha.
 
Ranch Hand
Posts: 1936
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Have you tested it? From the config file, it has nothing to do with cookie.
 
Kavita Shivani
Ranch Hand
Posts: 45
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yes I did, basically, I was maintaining user logged on status in the session attribute. when I make cookies false, session.getAttribute is returning null and I get an exception. if i enable it. it works fine. I need to have user name atleast to be shown on each page and also, a variable to say user is logged on on every page and during inactivity time out this is set to not logged on or something. I am quiet not sure how generally user session management is implemented in web applications.
thank you,
Kavitha.
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you disable cookies, you are disabling session management at all. In this case, the application is responsible for passing the session identifier through URL rewriting.
 
Kavita Shivani
Ranch Hand
Posts: 45
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yes, I am passing the user name and a new parameter status which says if the user is still logged in. I pass these two parameters with the URL to every page after user has logged in. Along with that I have kept a session time out, wich wil redirect to login page.
Let me know your suggestions on it.
thank you,
Kavitha.
 
Hong Anderson
Ranch Hand
Posts: 1936
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can read about URL rewriting on this page: http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=/rzatz/51/program/sesdeci.htm.
 
Kavita Shivani
Ranch Hand
Posts: 45
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sure, I will have a read through.
Thanks a lot.
Kavitha.
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic