"Joseph W. Albert" wrote:
> To the best of my knowledge, URL rewriting has nothing to do with form
> submittal.
>
That is not the case. What you should do when you are creating your form is
something like this:
<form action="<%= response.encodeURL("destination-URL") %>" method="POST">
to ensure that the URL to which you are submitting the form is encoded if it
needs to be.
>
> You probably need to add this within your <form> :
>
> <input type="hidden" name="sesessionid" value="<%= session.getId() %>">
>
This approach has the following issues:
* Are you assuming that the servlet engine in use puts
the session ID in a query parameter? Some do, some
do not.
* Are you assuming that the name of the parameter to
be used is "sesessionid"? That may be true for some
servlet engines, but not others.
* Are you assuming you can use the session ID to look
up the corresponding HttpSession object itself? That
was true up through the 2.0 version of the servlet API,
where you could use HttpSessionContext for this. It
is no longer the case in 2.1 or 2.2 based engines.
Using encodeURL() or encodeRedirectURL() is the portable mechanism for
encoding session identifiers, without having to care about the mechanism that
your servlet engine uses.
Craig McClanahan
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
