Re: SingleSignOn
Hi Thomas,
The reason you can't log off from the second app is that web apps can
not talk to one another. Additionally, with the SingleSignOn feature
when you leave a web app with out invalidating the session, it remains
attached to the SingleSignOn session. The SingleSignOn session does not
expire until all attached sessions are invalid.
One solution is to set a time-out on the log in web app's session to
something like 30 seconds once you authenticate the user and are about
to move to the second web app:
httpServletRequest.getSession().setMaxInactiveInterval(30);
Once in the second web-app you must create a session otherwise when the
log in session expires you will lose the SingleSignOn and the user will
have to reauthenticate. Now when you invalidate the second web-apps
session the SingleSignOn will be scrubbed.
A better solution is web-sphere's extension to HttpSession,
invalidateAll() which causes all sessions attached to the authenticated
user to be invalidated. Sun suggested this in the original drafts for
the servlet API version 2.4, but it didn't make the final draft.
However, it is easy to implement in Tomcat. I haven't made the
modification to the clusters as I don't use them in my set-up, but the
code changes are as follows:
-javax.servlet.http.HttpSession.java
add the line:
public void invalidateAll();
-org.apache.catalina.Session.java
add the lines:
public static final String INVALIDATE_ALL_SESSIONS =
"invalidateAllSessions";
-org.apache.catalina.session.StandardSession.java
add the lines:
public void invalidateAll()
{
fireSessionEvent(Session.INVALIDATE_ALL_SESSIONS, null);
}
-org.apache.catalina.session.StandardSessionFacade.java
add the lines:
public void invalidateAll()
{
this.session.invalidateAll();
}
-org.apache.catalina.cluster.session.DeltaSession.java
add the lines:
public void invalidateAll()
{
//not using clusters, but need to implement interface
}
-org.apache.catalina.cluster.session.DeltaSessionFacade.java
add the lines:
public void invalidateAll()
{
this.session.invalidateAll();
}
-org.apache.catalina.cluster.session.ReplicatedSession.java
add the lines:
public void invalidateAll()
{
//not using clusters, but need to implement interface
}
-org.apache.catalina.authenticator.SingleSignOn.java
in the method sessionEvent(SessionEvent event) add the lines:
// Catch our event to destroy the single session sign on session and
// all attached sessions
log("Session event fired. Event type: " + event.getType());
if (Session.INVALIDATE_ALL_SESSIONS.equals(event.getType()))
{
// Look up the single session id associated with this
// session (if any)
Session session = event.getSession();
if (debug >= 1)
{
log("Destroying SSO Session: " + session);
}
String ssoId = null;
synchronized (reverse)
{
ssoId = (String) reverse.get(session);
}
if (ssoId == null)
{
log("Nothing to deregister");
return;
}
deregister(ssoId);
log("Deregistered.");
}
Hope this helps!
-Mike Fowler
"I could be a genius if I just put my mind to it, and I,
I could do anything, if only I could get 'round to it"
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do I find out which version of tomcat is installed?
Andrew Watters wrote: I have full access to the tomcat directory but I can't find the version number in any of the files. It's probably somewhere obvious but I just can't see it. Please help... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Start Tomcat and go to the manager status web app. In the server information table with there is a Tomcat version column. On my box: http://localhost:8080/manager/status -- -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to handle client session information if client has sessions disabled?
Ben-
You need to encode your URLs so that the session ID becomes part of the
URL. Use the second line for redirects.
httpServletResponse.encodeURL("/myapp/page2")
httpServletResponse.encodeRedirectURL("/myapp/page2")
-Mike Fowler
"I could be a genius if I just put my mind to it, and I,
I could do anything, if only I could get 'round to it"
Ben Bookey wrote:
Dear list,
What is the normal way of persisting session type information if the
client has sessions/cookies disabled.
I guess if he's got sessions switched off, then session.getId() will
return null ?
The userID must therefore be invented somehow on the server, and passed
between the server and client. Objects normally stored in a session,
could be stored inside the application object ? or persisted to disk ? with
this userID.
Would appreciate any advice,
regards
Ben
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Determination if a client has sessions enabled or not.
Ben, I don't know of any way of checking (someone correct me if I'm wrong!). What I have done is to attach an attribute to the session, redirect to a small .jsp page with a tag surronding a form that automatically submits back to the servlet. The servlet can then check if the attribute is still there and if not, you know sessions are disabled. -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Ben Bookey wrote: Dear List, I would like to check if a client has cookies/sessions enabled in the start page of my webapp. whats the best way of doing this? regards Ben - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Determination if a client has sessions enabled or not.
I tend to agree and would advocate the use of URL encoding for all stateful web-apps. However they have the drawback of making your URL look something like: http://localhost:8080/manager/html/list;jsessionid=C76172F9BD3E29A9AFDEBDA349F853DF So you use cookies for "tidy" URLs. -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Woodchuck wrote: hi, this begs the question, is it bad practice to require users to enable cookies? --- Mike Fowler <[EMAIL PROTECTED]> wrote: Ben, I don't know of any way of checking (someone correct me if I'm wrong!). What I have done is to attach an attribute to the session, redirect to a small .jsp page with a tag surronding a form that automatically submits back to the servlet. The servlet can then check if the attribute is still there and if not, you know sessions are disabled. -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Ben Bookey wrote: Dear List, I would like to check if a client has cookies/sessions enabled in the start page of my webapp. whats the best way of doing this? regards Ben - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to handle client session information if client has sessions disabled?
Sorry, you're quite right it does remain on the server, I'm just being
silly. The session.setAttribute() works because the server is
remembering the session by the JSESSIONID which is now in the URL of the
request rather than in a cookie header being sent by the request.
-Mike Fowler
"I could be a genius if I just put my mind to it, and I,
I could do anything, if only I could get 'round to it"
Ben Bookey wrote:
Hi Mike
Thanks for the reply. I think I have missed something here. I believe if we
store an object in the session
its still stored on the server, but is specific to the active user-session.
I cant imagine any java objects been sent across the network to the client
... In addition, i am suprised that storing objects in the session object
works, when the client has sessions switched off hence app.setAttribute() ??
Help !!!
regards,
Ben
- Original Message -
From: "Mike Fowler" <[EMAIL PROTECTED]>
To: "Ben Bookey" <[EMAIL PROTECTED]>
Sent: Friday, June 25, 2004 5:41 PM
Subject: Re: How to handle client session information if client has sessions
disabled?
Ben-
Once you encode the URL, the subsequent request to Tomcat will cause
tomcat to pull the JSESSIONID from the URL (in the referer header) so
session.getId() will work just the same as before.
As for your second question, I'd store everything in the session.
Something like:
session.setAttribute("key","value");
This eliminates all serverside processing of the user (save finding the
session ID) and off-loads the memory required to store your objects to
the client.
Hope this helps!
-Mike Fowler
"I could be a genius if I just put my mind to it, and I,
I could do anything, if only I could get 'round to it"
Ben Bookey wrote:
Thanks for the reply.
O.k so I can store the session userid, which is very useful, for a
stateless exchange between
client and server. Can i still use session.getId() to get the id, or
must I do something special, when the id is stored in
the url ?
Where would you recommend storing all my objects, particular to a user
? inside the application object, something like ?
application.setAttribute(userid & myObject ,myObject);
I would really appreciate your help
regards
Ben
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Determination if a client has sessions enabled or not.
I think it's a good idea to try as much as possible to cater to cookieless users, differing browsers and so on as this allows you to create a single web-app that will function and look the same across a multitude of browsers. As a Mozilla user I come across site after site that takes advantage of non-standard IE extensions that make the page virtually unviewable for me. Of course, trying to develop to cater to all these possibilities does make life a lot more difficult that it may need to be! -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Woodchuck wrote: it used to be more common to have warnings on websites that say cookies are required. nowadays, these warnings are not there anymore and it's assumed cookies will be available. and if cookies are disabled by the user, and the website requires it, the user will be promptly halted. i'm coming from a web developer perspective, so i guess what i'm getting at is that it seems to me something is wrong when a website has to cater to non-cookie-enabled browsers/users. this argument can also be extended to other things like browser make/version, javascript (on/off), etc. etc. is it really harsh to say no cookies = no website nowadays? in my humble opinion, this is no. [snip] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SingleSignOn
Bert,
You're quite right and I now see why my SSO was never getting scrubbed:
session.setMaxInactiveInterval(1);
session.invalidate();
The result of this was that when the check you pointed out was performed
it was always true, therefore removeSession(ssoId, session); was always
getting called rather than deregister(ssoId);.
Thanks for helping me find this out as I now no longer need to use this
customisation!
-Mike Fowler
"I could be a genius if I just put my mind to it, and I,
I could do anything, if only I could get 'round to it"
Summers, Bert W. wrote:
Looking at SingleSignOn sessionEvent code it seems that if you invalidate a
session it does kill all the sessions.
Only if the session died from timeout do other sessions survive.
This is from TC5.0.25
// Was the session destroyed as the result of a timeout?
// If so, we'll just remove the expired session from the
// SSO. If the session was logged out, we'll log out
// of all session associated with the SSO.
if (System.currentTimeMillis() - session.getLastAccessedTime() >=
session.getMaxInactiveInterval() * 1000) {
removeSession(ssoId, session);
} else {
// The session was logged out.
// Deregister this single session id, invalidating
// associated sessions
deregister(ssoId);
}
[snip]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Klaus-Dieter -V715101- Ackermann/Volksfuersorge/AMComNET/DE ist außer Haus.
Bitte verwenden Sie Selbstantwort nicht für newsgroup. Sie wirft unsere E-mail durcheinander. -Mike Fowler [EMAIL PROTECTED] wrote: Ich werde ab 28.06.2004 nicht im Büro sein. Ich kehre zurück am 01.07.2004. Ich werde Ihre Nachrichten nach meiner Rückkehr beantworten. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HttpSession
Trond-
HttpSession.class in servlet-api.jar is an interface as is implemented
in several places in the Tomcat source. To add new functionality I would
make changes to the following classes and recompile Tomcat:
-javax.servlet.http.HttpSession.java
add your new methods:
public void myHelperMethod();
-org.apache.catalina.session.StandardSession.java
implement your new method:
public void myHelperMethod()
{
//useful code
}
-org.apache.catalina.session.StandardSessionFacade.java
add the lines:
public void myHelperMethod()
{
this.session.myHelperMethod();
}
-org.apache.catalina.cluster.session.DeltaSession.java
implement your new method:
public void myHelperMethod()
{
//useful code
}
-org.apache.catalina.cluster.session.DeltaSessionFacade.java
add the lines:
public void myHelperMethod()
{
this.session.myHelperMethod();
}
Hope this helps!
-Mike Fowler
"I could be a genius if I just put my mind to it, and I,
I could do anything, if only I could get 'round to it"
Trond Hersløv wrote:
Hi!
What do I have to do if want to use a modified HttpSession class? Can I do
one of the following:
Hope I don't have to do it this way:
1) extract $CATALINA_HOME/common/lib/servlet-api.jar
2) decompile HttpSession.class --> HttpSession.java
3) make my modifications on HttpSession.java and compile -->
HttpSession.class
4) build a new servlet-api.jar containing the modified HttpSession.class
instead of the original one.
It would be nice if this was possible.
1) create a new class MyHttpSession which extends HttpSession
2) add my extra funcionality to MyHttpSession.
3) compile MyHttpSession --> MyHttpSession.class and putt it into
$CATALINA_HOME/common/classes
4)The big QUESTION: How do I config tomcat to use MyHttpSession.class
instead of HttpSession.
Thanks in advance
\trond
**
This email message has been swept by
MIMEsweeper for the presence of computer viruses.
**
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: I've officially decided that JSTL is one of the worst things to ever happen to mankind
Hello, it seems I have missed a good conversation! Now for my two pence/cents: >4. EL encourages sloppy syntax. It doesnât even have data types > (well it has on the bottom level, but not on the surface). >Remember JavaScript? Did you know that at first, it was supposed > to be server-side scripting language? You know the reason it > didnât make it (one of the major ones)? Because of its sloppy > syntax and the amount of errors it caused. Why bring it back? I agree that <% code %> is clearer, especially for debugging but I think that using <% %> excessively leads to poor page design. Embedding Java code directly into a presentation page leans towards placing business logic in the presentation tier, which is BAD design. If you have to process your data objects on the presentation page you have a problem. It is better to construct a "bean" that contains all the information required for the page, embed it in the session when you serve the JSP and just pull data out of the bean. Need to loop? Use iterators in the bean. Need to construct a new object in the page? Why? This is presentation! >Customer isn't worth the trouble? Maybe that theory of thought is the >reason why you're using Japanese mail server? > Good luck with your developers. Can I have the name of your >company plz? I'll make sure never to buy anything from it No need to get personal, this is a debate not a slagging match. -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: I've officially decided that JSTL is one of the worst things to ever happen to mankind
Hello - I think I was unclear in what I meant. I am not talking about presentation of code, (hell assembler can be presented well!) what I mean is that using JSTL and EL forces you to abstract yourself from the business tier as you have restricted ability to handle the data. By using embedded Java you do not have this restriction (which may be a good thing for performance or clarity) which can lead you to perform operations you shouldn't in a presentation processing. I agree that having a bad designer leads to bad design, but a good design can be poorly implemented. I propose that the use of embedded java can be poor implementation as it is all to easy to perform operations that you shouldn't in a presentation tier. -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: No Java compiler was found to compile the generated source for the JSP
Simone- Have you tried copying the tools.jar into common/lib ? -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Simone-dev wrote: Hello all, I just installed Apache Tomcat/5.0.25 on my newly installed developing workstation on Windows I've installed SDK 1.4.2_05, too... But when I try to run a JSP to compiled I get the error org.apache.jasper.JasperException: Unable to compile class for JSP No Java compiler was found to compile the generated source for the JSP. This can usually be solved by copying manually $JAVA_HOME/lib/tools.jar from the JDK to the common/lib directory of the Tomcat server, followed by a Tomcat restart. If using an alternate Java compiler, please check its installation and access path. I've set JAVA_HOME as C:\j2sdk1.4.2_05 but tomcat still doesn't compile JSP any ideas? Simone - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OFF TOPIC] Re: how to read a text file and store into mysql databse --JAVA
Hi Maruthi,
This should do what your after. The variable file is obviously the
file you want to insert into the database.
PreparedStatement prestate = websiteDBCon.prepareStatement("" +
"INSERT INTO Collateral (AccountTypeID," +
"Document" +
"VALUES (?)");
//make sure the statement is clear
prestate.clearParameters();
//add the file to the statement
prestate.setBinaryStream(1,//parameter reference
new FileInputStream(file), //file to insert
(int) file.length()); //length of file
//excute the statement
prestate.execute();
Hope this helps!
-Mike Fowler
"I could be a genius if I just put my mind to it, and I,
I could do anything, if only I could get 'round to it"
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Class Load Order
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/class-loader-howto.html -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: java and tomcat books
Hi Didier, Personally I quite like Tomcat: The Definitive Guide from O'Reilly (http://www.oreilly.com/catalog/tomcat/index.html), it covers version 4 but it's still quite relevant for version 5. As for Java books I'd recommend Java How To Program by Deitel & Deitel (http://www.deitel.com/books/jHTP6/) for good general coverage, and for detail both Java In A Nutshell (http://www.oreilly.com/catalog/javanut4/) and Java Enterprise In A Nutshell (http://www.oreilly.com/catalog/jentnut2/). -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Didier McGillis wrote: looking for some information on Tomcat administration and some Java programming books, what would people suggest. _ MSN® Calendar keeps you organized and takes the effort out of scheduling get-togethers. http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_MSNIS_Taglines Start enjoying all the benefits of MSN® Premium right now and get the first two months FREE*. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can session time be modified at runtime?
You could use the session instance method setMaxInactiveInterval which takes a single int paramter which is the maximum time in seconds between client requests before invalidation. For example, for ten minute timeout: session.setMaxInactiveInterval(600); -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Tim Funk wrote: The session timeout can be changed at runtime (sort of). If you change web.xml - you would need to restart your webapp. This would cause a brief outage while sessions are saved to ???. (Unless your using clustering) If you really need this changed on the fly, this might be able to be changed via JMX. (But I haven't checked) -Tim Arun Prasad R wrote: hi in web.xml the following comment has been given 30 after changing session-timeout will it be effective for sessions created thereafter? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat Question - HELP
Daniel, I think the same goes for you. You are attacking the generosity and kindness of the people on this list, and I think I speak for most of the list when I say that you have crossed a line. Please make your future posts constructive and refrain from flaming us. -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" [EMAIL PROTECTED] wrote: Michael, its better if you just keep your comments to your self. You are so pathetic. Daniel Salud (310)665-6583 [EMAIL PROTECTED] 10/01/2004 04:37 PM Please respond to "Tomcat Users List" To: "Tomcat Users List" <[EMAIL PROTECTED]> cc: Subject:RE: Tomcat Question - HELP Let me summarise this thread: 1. You hate "all those open source stuff" 2. You are "not a big fan of tomcat" 3. You think we are not "educated and professional" 4. You will trust your web engineer over our judgement 5. You "really don't care what your personal views are" 6. You seem to know exactly what this forum is for an how we should run it and behave on it 6. You won't do what you are asked (i.e. post a simple logfile) 7. You seem to think as a "Unix admin" that killing a process that has an obvious, documented and non-trivial shutdown sequence is a good idea (I'm sure DBA's will love you for this) 8. You publicly admitted to mailing Rick Moen directly for help (great autoreply though ;-) ) What gets me is that everyone who replied to you was civil and helpful. Really, you guys are the greatest! I'm mostly a lurker and I've totally lost control (yes I know: "YHBT. YHL. HAND.") Daniel, I just hope for your sake that no potential future employer ever finds this thread on Google (or that you are wisely using an alias). Have a good weekend, Michiel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: how to deploy using war file on tomcat 5
Sandeep - The ant deploy task you need is found in catalina-ant.jar in $TOMCAT_HOME/server/lib. Then in your build file a target like this should do: Hope this helps! -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Sandeep Kang wrote: Hi all, I have been trying hard to deploy my webapp on Tomcat-5.0.27 using a WAR file. I have searched through the mail archives but havent been able to find a well defined proceudre for deploying webapps using WAR files. Plz can someone guide me on how to do that using Ant build.xml. Kindly give detailed step by step procedure. Thanks in advance. Bye. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do I force the expiration of the JSESSIONID cookie for proxies?
Ian - HttpSession.invalidate() will cause the client's cookie to expire. -Mike Fowler "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" Ian Stevens wrote: I have a system which renders a session stored in the HttpSession unusable once the user logs out. All initialisation on the session is performed inside a HttpSessionListener.sessionCreated() method. Further accesses under the same JSESSIONID result in an error detailing that the user must close their browser before logging in again. However, many of our users access the system through phone network proxies which remember their cookies for them. There is no way that I know of to force the proxies to either not cache cookies or to flush the value for a cookie. However, the proxy should understand how to expire a cookie. Is it possible to set an expires on a JSESSIONID cookie to the current time on a user logout? Will HttpSession.invalidate() do this for me? I need some way to indicate to proxies that they should no longer use the old JSESSIONID cookie value and to replace it with any new value which should come along. Does anyone know how this can be done? I'd rather not reference "JSESSIONID" in my code in case a different value is ever used. thanks, ian. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Creation with IE
Hi Mark, I have experienced this problem as well. It appears that when IE is started from a shortcut or from with Outlook/Outlook Express a different cookie store is used from the main IE one. I also noticed that if a new browser window is opened from within the one created by the shortcut/outlook you revert to normal IE cookie store. Regrettably I didn't find/look for a solution as the problem didn't affect me in any serious way as it does you. -- Mike Fowler Registered Linux user: 379787 "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Missing application web.xml, using defaults only
I also get this error message using Tomcat 5.0.19 using the Ant deploy task. It seems to occur once or twice a day when I'm developing. I have to stop Tomcat, delete the war file (which is correct), delete what has been exploded (usually only one or two files, but no web.xml) and restart Tomcat. If I then use the Ant script to deploy the identical war file that just failed, it works. I have one other test system and two production systems, all using identical configurations where the problem has never occured. It would seem only to occur on the Tomcat I deploy on the most frequently. I've been experiencing the problem randomly for several months, but I have been unable to pin down the cause or even more information about the error to make a guess as to the cause. Summary of configuration information: Windows XP SP1 (not my choice :D ) Tomcat 5.0.19 Java 1.4.2_04 -- Mike Fowler Registered Linux user: 379787 "I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it" - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: url of caller?
DaveP,
You could use the 'referer' header, eg.
String referedURL = request.getHeader("referer");
Note that the String is null if the header isn't present which usually
indicates that the user typed the URL in their browser.
Hope this helps!
--
Mike Fowler
Registered Linux user: 379787
"I could be a genius if I just put my mind to it, and I,
I could do anything, if only I could get 'round to it"
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
