RE: Session without cookies
I think some where(may be in the action class association with the action /test.do) you are creating new session each time for each request. Most possible mistake could be using Request.getSession(true); See below documentation from Servlet Specifications ** getSession() public HttpSession getSession() Returns the current session associated with this request, or if the request does not have a session, creates one. Returns: the HttpSession associated with this request See Also: getSession(boolean) getSession(boolean) public HttpSession getSession(boolean create) Returns the current HttpSession associated with this request or, if if there is no current session and create is true, returns a new session. If create is false andthe request has no valid HttpSession, this method returns null. To make sure the session is properly maintained, you must call this method before the response is committed. If the container is using cookies to maintain session integrity and is asked to create a new session when the response is committed, an IllegalStateException is thrown. Parameters: codetrue/code - to create a new session for this request if necessary; false to return null if there’s no current session Returns: the HttpSession associated with this request or null if create is false and the request has no valid session See Also: getSession() ** Chandra -Original Message- From: Chan Michael [mailto:[EMAIL PROTECTED] Sent: Monday, April 24, 2006 2:48 PM To: user@struts.apache.org Subject: Session without cookies Hi All, I have been searching for hours and still cannot find any useful info. Hope you can help. I am building a Struts app. (Struts 1.2.4 + Tomcat 5.5 + Apache 2.0.55 + Spring 1.2.6) and want to use session without enabling cookies. I use html:link to create links so ;jsessionid is appended to the end. Fine. The problem I have is every time I access a page, a new session id is created so essentially everything stored in session is lost. Here is some output from my test action, test.do: test.do = HttpSession session = request.getSession(); System.out.println(Is session new? + session.isNew()); System.out.println(Session id: + session.getId()); First access = Is session new? true Session id: B9F9E135DCBAC90AB2B5AEBCE901FAA5 Second access = Is sesssion new? false Session id: 8CCE7A388E76C0F56016E8F41E29E0E5 The session is not new but the id is different...I already set in Tomcat server.xml Context path=/myApp cookies=false... What am I missing?? Thanks in advance. Michael ___ YM - �x息 就算你�]有上�W,你的朋友仍可以留下��息�o你,��你上�W�r就能立即看到,任何�f��都�幼呤А� http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
回覆: RE: Session without cookies
Hi Chandra, Thanks for your prompt reply. I have checked many many times and I have 100% sure there is no Request.getSession(true); in all my action classes. Thanks. Michael --- [EMAIL PROTECTED] : I think some where(may be in the action class association with the action /test.do) you are creating new session each time for each request. Most possible mistake could be using Request.getSession(true); See below documentation from Servlet Specifications ** getSession() public HttpSession getSession() Returns the current session associated with this request, or if the request does not have a session, creates one. Returns: the HttpSession associated with this request See Also: getSession(boolean) getSession(boolean) public HttpSession getSession(boolean create) Returns the current HttpSession associated with this request or, if if there is no current session and create is true, returns a new session. If create is false and the request has no valid HttpSession, this method returns null. To make sure the session is properly maintained, you must call this method before the response is committed. If the container is using cookies to maintain session integrity and is asked to create a new session when the response is committed, an IllegalStateException is thrown. Parameters: codetrue/code - to create a new session for this request if necessary; false to return null if there*s no current session Returns: the HttpSession associated with this request or null if create is false and the request has no valid session See Also: getSession() ** Chandra -Original Message- From: Chan Michael [mailto:[EMAIL PROTECTED] Sent: Monday, April 24, 2006 2:48 PM To: user@struts.apache.org Subject: Session without cookies Hi All, I have been searching for hours and still cannot find any useful info. Hope you can help. I am building a Struts app. (Struts 1.2.4 + Tomcat 5.5 + Apache 2.0.55 + Spring 1.2.6) and want to use session without enabling cookies. I use html:link to create links so ;jsessionid is appended to the end. Fine. The problem I have is every time I access a page, a new session id is created so essentially everything stored in session is lost. Here is some output from my test action, test.do: test.do = HttpSession session = request.getSession(); System.out.println(Is session new? + session.isNew()); System.out.println(Session id: + session.getId()); First access = Is session new? true Session id: B9F9E135DCBAC90AB2B5AEBCE901FAA5 Second access = Is sesssion new? false Session id: 8CCE7A388E76C0F56016E8F41E29E0E5 The session is not new but the id is different...I already set in Tomcat server.xml Context path=/myApp cookies=false... What am I missing?? Thanks in advance. Michael ___ YM - 褩#65533;#65533;洘 憩呾斕�]衄奻鋒ㄛ斕腔攬衭゛褫眕隱狟#65533;洘緻斕ㄛ#65533;斕奻鋒�r憩夔蕾撈艘善ㄛ¦睡挲#65533;飲�衿萯均� http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ___ YM - 離線訊息 就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說話都冇走失。 http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: RE: Session without cookies
Hi Chandra, As far as I know, the attribute cookies of the Context node in Tomcat server.xml is the only place I need to set. From the doc, http://tomcat.apache.org/tomcat-5.5-doc/config/context.html cookies: Set to true if you want cookies to be used for session identifier communication if supported by the client (this is the default). Set to false if you want to disable the use of cookies for session identifier communication, and rely only on URL rewriting by the application. Thanks. Michael --- [EMAIL PROTECTED] 說: Michael, isNew() is mostly depends on how server manages the session. Returns true if the client does not yet know about the session or if the client chooses not to join the session. For example, if the server used only cookie based sessions, and the client had disabled the use of cookies, then a session would be new on each request. May be its worth checking your server session management. Chandra --- Chan Michael [EMAIL PROTECTED] 說: Hi Chandra, Thanks for your prompt reply. I have checked many many times and I have 100% sure there is no Request.getSession(true); in all my action classes. Thanks. Michael --- [EMAIL PROTECTED] : I think some where(may be in the action class association with the action /test.do) you are creating new session each time for each request. Most possible mistake could be using Request.getSession(true); See below documentation from Servlet Specifications ** getSession() public HttpSession getSession() Returns the current session associated with this request, or if the request does not have a session, creates one. Returns: the HttpSession associated with this request See Also: getSession(boolean) getSession(boolean) public HttpSession getSession(boolean create) Returns the current HttpSession associated with this request or, if if there is no current session and create is true, returns a new session. If create is false andthe request has no valid HttpSession, this method returns null. To make sure the session is properly maintained, you must call this method before the response is committed. If the container is using cookies to maintain session integrity and is asked to create a new session when the response is committed, an IllegalStateException is thrown. Parameters: codetrue/code - to create a new session for this request if necessary; false to return null if there*s no current session Returns: the HttpSession associated with this request or null if create is false and the request has no valid session See Also: getSession() ** Chandra -Original Message- From: Chan Michael [mailto:[EMAIL PROTECTED] Sent: Monday, April 24, 2006 2:48 PM To: user@struts.apache.org Subject: Session without cookies Hi All, I have been searching for hours and still cannot find any useful info. Hope you can help. I am building a Struts app. (Struts 1.2.4 + Tomcat 5.5 + Apache 2.0.55 + Spring 1.2.6) and want to use session without enabling cookies. I use html:link to create links so ;jsessionid is appended to the end. Fine. The problem I have is every time I access a page, a new session id is created so essentially everything stored in session is lost. Here is some output from my test action, test.do: test.do = HttpSession session = request.getSession(); System.out.println(Is session new? + session.isNew()); System.out.println(Session id: + session.getId()); First access = Is session new? true Session id: B9F9E135DCBAC90AB2B5AEBCE901FAA5 Second access = Is sesssion new? false Session id: 8CCE7A388E76C0F56016E8F41E29E0E5 The session is not new but the id is different...I already set in Tomcat server.xml Context path=/myApp cookies=false... What am I missing?? Thanks in advance. Michael ___ YM - 褩#65533;#65533;洘 憩呾斕�]衄奻鋒ㄛ斕腔攬衭゛褫眕隱狟#65533;洘緻斕ㄛ#65533;斕奻鋒�r憩夔蕾撈艘善ㄛ¦睡挲#65533;飲�衿萯均� http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ___ YM - 離線訊息
Re: 回覆: RE: Session without cookies
On 4/24/06, Chan Michael [EMAIL PROTECTED] wrote: Hi Chandra, Thanks for your prompt reply. I have checked many many times and I have 100% sure there is no Request.getSession(true); Request.getSession(true); and Request.getSession(); are 100% identical. regards Leon in all my action classes. Thanks. Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Session without cookies
are you sure that u did not start a new browser process each time.? because sessions are browser process based. starting a new process and opening a new window within a browser window are different things. http://asahin.net -Original Message- From: Chan Michael [mailto:[EMAIL PROTECTED] Sent: Monday, April 24, 2006 12:18 PM To: user@struts.apache.org Subject: Session without cookies Hi All, I have been searching for hours and still cannot find any useful info. Hope you can help. I am building a Struts app. (Struts 1.2.4 + Tomcat 5.5 + Apache 2.0.55 + Spring 1.2.6) and want to use session without enabling cookies. I use html:link to create links so ;jsessionid is appended to the end. Fine. The problem I have is every time I access a page, a new session id is created so essentially everything stored in session is lost. Here is some output from my test action, test.do: test.do = HttpSession session = request.getSession(); System.out.println(Is session new? + session.isNew()); System.out.println(Session id: + session.getId()); First access = Is session new? true Session id: B9F9E135DCBAC90AB2B5AEBCE901FAA5 Second access = Is sesssion new? false Session id: 8CCE7A388E76C0F56016E8F41E29E0E5 The session is not new but the id is different...I already set in Tomcat server.xml Context path=/myApp cookies=false... What am I missing?? Thanks in advance. Michael ___ YM - 離線訊息 就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說 話都冇走失。 http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
回覆: RE: Session without cookies
Hi, The test is done within the same tab in firefox. Thanks. Michael --- abdurrahman sahin [EMAIL PROTECTED] 說: are you sure that u did not start a new browser process each time.? because sessions are browser process based. starting a new process and opening a new window within a browser window are different things. http://asahin.net -Original Message- From: Chan Michael [mailto:[EMAIL PROTECTED] Sent: Monday, April 24, 2006 12:18 PM To: user@struts.apache.org Subject: Session without cookies Hi All, I have been searching for hours and still cannot find any useful info. Hope you can help. I am building a Struts app. (Struts 1.2.4 + Tomcat 5.5 + Apache 2.0.55 + Spring 1.2.6) and want to use session without enabling cookies. I use html:link to create links so ;jsessionid is appended to the end. Fine. The problem I have is every time I access a page, a new session id is created so essentially everything stored in session is lost. Here is some output from my test action, test.do: test.do = HttpSession session = request.getSession(); System.out.println(Is session new? + session.isNew()); System.out.println(Session id: + session.getId()); First access = Is session new? true Session id: B9F9E135DCBAC90AB2B5AEBCE901FAA5 Second access = Is sesssion new? false Session id: 8CCE7A388E76C0F56016E8F41E29E0E5 The session is not new but the id is different...I already set in Tomcat server.xml Context path=/myApp cookies=false... What am I missing?? Thanks in advance. Michael ___ YM - 離線訊息 就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說 話都冇走失。 http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ___ YM - 離線訊息 就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說話都冇走失。 http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: 回覆: RE: Session without cookies
Michael, It would help isolate the problem if you can use firefox's LiveHttpHeaders http://livehttpheaders.mozdev.org/ to examine Set-Cookies header from tomcat and Cookie header to tomcat. HTH Hansen -Original Message- From: Chan Michael [mailto:[EMAIL PROTECTED] Sent: Monday, April 24, 2006 3:22 AM To: Struts Users Mailing List Subject: 回覆: RE: Session without cookies Hi, The test is done within the same tab in firefox. Thanks. Michael --- abdurrahman sahin [EMAIL PROTECTED] �f: are you sure that u did not start a new browser process each time.? because sessions are browser process based. starting a new process and opening a new window within a browser window are different things. http://asahin.net -Original Message- From: Chan Michael [mailto:[EMAIL PROTECTED] Sent: Monday, April 24, 2006 12:18 PM To: user@struts.apache.org Subject: Session without cookies Hi All, I have been searching for hours and still cannot find any useful info. Hope you can help. I am building a Struts app. (Struts 1.2.4 + Tomcat 5.5 + Apache 2.0.55 + Spring 1.2.6) and want to use session without enabling cookies. I use html:link to create links so ;jsessionid is appended to the end. Fine. The problem I have is every time I access a page, a new session id is created so essentially everything stored in session is lost. Here is some output from my test action, test.do: test.do = HttpSession session = request.getSession(); System.out.println(Is session new? + session.isNew()); System.out.println(Session id: + session.getId()); First access = Is session new? true Session id: B9F9E135DCBAC90AB2B5AEBCE901FAA5 Second access = Is sesssion new? false Session id: 8CCE7A388E76C0F56016E8F41E29E0E5 The session is not new but the id is different...I already set in Tomcat server.xml Context path=/myApp cookies=false... What am I missing?? Thanks in advance. Michael ___ YM - �x息 就算你�]有上�W,你的朋友仍可以留下��息�o你,��你上�W�r就能立即看到,任何�f ��都�幼呤А� http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ___ YM - �x息 就算你�]有上�W,你的朋友仍可以留下��息�o你,��你上�W�r就能立即看到,任何�f��都�幼呤А� http://messenger.yahoo.com.hk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]