Win a copy of Testing JavaScript Applications this week in the HTML Pages with CSS and JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

response does not save session id in cookie if it is from url

 
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i am using tomcat.
if i use jsessionid=617AA28660D5C1B1408543C24B186A75 in url to send session id to server, response does not put it in cookie, so if redirect happens, a completely new session will be created.

is it a bug or http specification?
i can't find anything about it in rfc though.

or is there any configuration about it in tomcat?
 
Bartender
Posts: 4107
72
Hibernate Fedora Chrome
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you saying that you manage the "jsessionid" within your code? Then don't, it's up to the container.
 
zheng li
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i am not manage jsessionid myself.
just that i found this problem and don't understand why.

it seems that the two way of managing session id can not coexist.
 
Bartender
Posts: 3225
34
IntelliJ IDE Oracle Spring Chrome Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

zheng li wrote:i am not manage jsessionid myself.
just that i found this problem and don't understand why.

it seems that the two way of managing session id can not coexist.



Is it not that either URL Rewriting or Cookies are used for session management?
 
zheng li
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

mohammed sanaullah wrote:

zheng li wrote:i am not manage jsessionid myself.
just that i found this problem and don't understand why.

it seems that the two way of managing session id can not coexist.



Is it not that either URL Rewriting or Cookies are used for session management?



yes, you are right.
thank you.
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You don't send the session id to the server. Let Tomcat create them for you.
If there is a session id in the URL and Tomcat can't match it up to an existing session in memory, it just assumes that it is expired and ignores it.
 
I hired a bunch of ninjas. The fridge is empty, but I can't find them to tell them the mission.
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic