Re: Session being lost when sent to form POST...

Thu, 27 Apr 2000 20:32:10 -0700 

----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files.  Don't make us guess your problem!!!
----------------------------------------------------------------

> I am having trouble maintaing session identity in a call to a servlet that
> is the ACTION target of an html form using the 
> POST method.  I do not have the ability to use cookies, and so I'm trying to
> use URL rewriting.  I do not have any 
> trouble with the GET method -- both of the methods listed below seem to
> work...

cool.

> 1) Including the session id as a hidden field in the form

what did you use for the name value? ie: name=""

> 2) adding the session ID to the URL of the servlet that is specified in the
> ACTION parameter of the FORM tag.

ok.

> When I include the session id in the ACTION tag URL using
> response.encodeURL(), none of other form elements 
> are retrievable in the ACTION servlet after the form is submitted. That is,
> request.getParameter("formelement") 
> returns null for any formelement.

that seems odd since it works fine for me.

> When I include the session id as a hidden input field of the form, the
> ACTION servlet does not properly recognize the 
> session id, and consequently, request.getSession(true) returns a new
> session.

even more odd.

> THIS IS A HUGE problem! Anyone wanting to be able use Jserv for a production
> e-commerce app aimed at an 
> audience of the lowest common denominator is just plain stuck as far as
> using secure POST forms and sessions are 
> concerned!
> 
>  Has anyone found a workaround?

I really haven't seen this "problem" before. It all works just fine for
myself and thousands of other JServ users.

So, post your broken code and lets see if we can't find a solution for
you. I bet it is something silly that you are doing wrong.

-jon

-- 
Scarab -
      Java Servlet Based - Open Source 
         Bug/Issue Tracking System
        <http://scarab.tigris.org/>


--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Archives and Other:  <http://java.apache.org/main/mail.html>
Problems?:           [EMAIL PROTECTED]

Reply via email to