Re[2]: getting desperate here :)

2004-12-02 Thread Alex Korneyev 
Hello Peter Mengell,


  can you please clarify what you mean by session.invalidate

  alex korneyev
Thursday, December 2, 2004, 9:13:44 AM, you wrote:

> Hi,

> Are you invalidating the session from TomcatA before you redirect to TomcatB?,
> even a redirect should be able to clear the session cookie if you've
> invalidated the session.

> We do much the same thing sometimes and don't have this problem, the
> session.invalidate seems to be the only thing we seem to be doing 
> differently.

> Pete

> On Thursday 02 December 2004 15:05, Alex Korneyev wrote:
>> Hello all,
>>
>>   i have sent this one before, but i am hoping someone else has
>>   had this particular problem.
>>   __
>>
>>
>>  i am hoping someone has seen the following behavior.
>>
>>
>>  TomcatA sends a redirect to TomcatB
>>
>>  on the backend, I can see that TomcatB receives a JSESSIONID that was
>>  originally assigned to it by TomcatA;
>>
>>  i.e. cookie = JSESSIONID=6EF95FA9AA98E608C555E28875F57054;
>>
>>
>>  I rewrite reset the jsession id ( see the code bellow ), but
>>
>>
>>  on the next request i see this:
>>
>>  cookie = JSESSIONID=6EF95FA9AA98E608C555E28875F57054;
>> JSESSIONID=2251830F6F64DEFC974C19C79F1EABAB
>>
>>  for some reason using Mozilla works, but I.E. is the one that passes
>>  2 JSESSIONID variables. Thoughts?
>>
>> if (cookies != null && cookies.length > 0)
>> {
>> int len = cookies.length;
>> for (int i = 0; i < len; i++)
>> {
>> if
>> (cookies[i].getName().equalsIgnoreCase("jsessionid")) {
>> cookies[i].setMaxAge(-1);
>> cookies[i].setPath("/");
>> _LOGGER.debug("COOKIE VALUE " +
>> cookies[i].getValue() ); _LOGGER.debug("session id:  " + 
>> request.getSession().getId() ); _LOGGER.debug(" comp" + (
>> request.getSession().getId().equals(cookies[i].getValue(;
>> if (
>> request.getSession().getId().equals(cookies[i].getValue())) {
>> _LOGGER.debug("equal");
>>
>> response.addCookie(cookies[i]); }
>> else
>> {
>> _LOGGER.debug("not equal");
>> Cookie sessionCookie = new
>> Cookie("JSESSIONID", request.getSession().getId());
>>
>> response.addCookie(sessionCookie); }
>> foundCookie = true;
>> _LOGGER.debug("updated session
>> cookie");
>>
>> }
>> }
>> }
>>
>>
>>
>>
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail:
>> [EMAIL PROTECTED]

> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]



-- 
Best regards,
 Alexmailto:[EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re[2]: getting desperate here :)

2004-12-02 Thread David Boyer 
>From the servlet API:
 
"Invalidates this session then unbinds any objects bound to it."
 
If a browser's TomcatA session is invalidated and they return to
TomcatA, TomcatA will issue a new session ID to the browser. The session
ID represented in the cookie would no longer correspond to a know
session in TomcatA, and it would create a new session with a new session
ID.

>>> [EMAIL PROTECTED] 12/2/2004 4:55:33 PM >>>

Hello Peter Mengell,


  can you please clarify what you mean by session.invalidate

  alex korneyev
Thursday, December 2, 2004, 9:13:44 AM, you wrote:

> Hi,

> Are you invalidating the session from TomcatA before you redirect to
TomcatB?,
> even a redirect should be able to clear the session cookie if you've
> invalidated the session.

> We do much the same thing sometimes and don't have this problem, the
> session.invalidate seems to be the only thing we seem to be doing 
> differently.

> Pete

> On Thursday 02 December 2004 15:05, Alex Korneyev wrote:
>> Hello all,
>>
>>   i have sent this one before, but i am hoping someone else has
>>   had this particular problem.
>>   __
>>
>>
>>  i am hoping someone has seen the following behavior.
>>
>>
>>  TomcatA sends a redirect to TomcatB
>>
>>  on the backend, I can see that TomcatB receives a JSESSIONID that
was
>>  originally assigned to it by TomcatA;
>>
>>  i.e. cookie = JSESSIONID=6EF95FA9AA98E608C555E28875F57054;
>>
>>
>>  I rewrite reset the jsession id ( see the code bellow ), but
>>
>>
>>  on the next request i see this:
>>
>>  cookie = JSESSIONID=6EF95FA9AA98E608C555E28875F57054;
>> JSESSIONID=2251830F6F64DEFC974C19C79F1EABAB
>>
>>  for some reason using Mozilla works, but I.E. is the one that
passes
>>  2 JSESSIONID variables. Thoughts?
>>
>> if (cookies != null && cookies.length > 0)
>> {
>> int len = cookies.length;
>> for (int i = 0; i < len; i++)
>> {
>> if
>> (cookies[i].getName().equalsIgnoreCase("jsessionid")) {
>> cookies[i].setMaxAge(-1);
>> cookies[i].setPath("/");
>> _LOGGER.debug("COOKIE VALUE
" +
>> cookies[i].getValue() ); _LOGGER.debug("session id:  " + 
>> request.getSession().getId() ); _LOGGER.debug(" comp" + (
>> request.getSession().getId().equals(cookies[i].getValue(;
>> if (
>> request.getSession().getId().equals(cookies[i].getValue())) {
>>
_LOGGER.debug("equal");
>>
>> response.addCookie(cookies[i]); }
>> else
>> {
>> _LOGGER.debug("not
equal");
>> Cookie sessionCookie
= new
>> Cookie("JSESSIONID", request.getSession().getId());
>>
>> response.addCookie(sessionCookie); }
>> foundCookie = true;
>> _LOGGER.debug("updated
session
>> cookie");
>>
>> }
>> }
>> }
>>
>>
>>
>>
>>
>>
>>
>>
>>
-
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail:
>> [EMAIL PROTECTED]

>
-
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]



-- 
Best regards,
Alexmailto:[EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]