-----------------------------
Please read the FAQ!
<http://java.apache.org/faq/>
-----------------------------
jon * wrote:
> -----------------------------
> Please read the FAQ!
> <http://java.apache.org/faq/>
> -----------------------------
>
> > Thanks for your help, but another list reader recognized my problem as one
> > which is defined here: http://bugs.apache.org/index/full/4382 .
>
> actually it is more than that. what i said is true and is the way it will be
> as far as i can tell (correct me if i'm wrong please). sessions will not be
> valid across zones. if you need that functionality, abstract the sessioning
> from your application.
>
> -jon
>
Jon is correct ... the 2.1 and 2.2 servlet API specs confirm that sessions will
not be valid across servlet contexts (i.e. zones in Apache JServ terminology).
However, the original bug report is still a real issue -- you should be able to
have multiple sessions active (one per zone), and this does not work in AJ 1.0
because of the way we use a single cookie name.
The "correct" thing to do is to set the session management cookie's path to be
the "context path" of this context, but this concept was only introduced in the
2.1 API, and Apache JServ does not insist that there is such a thing.
The "simple" thing to do would be to make the name of the session management
cookie a per-zone configuration parameter, so that different cookies can be
used for each zone. Suitable care will need to be taken to ensure that this
doesn't mess up the load balancing code, which (if I remember right) also
counts on knowing what the name of the session management cookie is. I'm still
in the swamped stage on an implementation project -- can someone else take a
crack at this?
Craig McClanahan
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
