using WebLogic 8.1SP3 and I do have url rewriting turned on ( we are also in a cluster): <session-param>
<param-name>URLRewritingEnabled</param-name> <param-value>true</param-value> </session-param> Dimitrios Gianninas Developer Optimal Payments Inc. ________________________________ From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Paul DeCoursey Sent: Thursday, April 26, 2007 9:03 PM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: FF and Java sessions I have had this same issue and in some cases I was able to get it to share the session when I make a get call first and then use the same URLRequest for the upload. This didn't work for me when I was uploading to a server different than the server the app was served from. What I did in that case was basically the same except that the first request would get a token that I would add to the upload request. My upload processing servlet then would ignore sessions and handle the upload based on the token. These tokens would then expire after a a short time so they couldn't be exploited. We would do other checks to make sure the remote was the same for both requests as well. I don't think this is the best solution however, but it works. Just to rule it out, what server container are you using? Make sure that URL rewriting is allowed for session management. I know that WebSphere does not have this enabled by default. I think that tomcat and JBoss both do, but you should check. URL rewriting is the method used to get the session from the url. Paul --- In flexcoders@yahoogroups.com <mailto:flexcoders%40yahoogroups.com> , Bjorn Schultheiss <[EMAIL PROTECTED]> wrote: > > Dimitrios, > > I actually get the same JSESSIONID value when i make an upload > request to a servlet. > Although i am making a POST request and send vars via the > URLVariables object. > > example: > var req:URLRequest = new URLRequest > ( config_model.userConfig.datasetUpPath + "/upload" ); > var urlVars:URLVariables = new URLVariables(); > urlVars.id = upload_model.fileID; > urlVars.username = config_model.userConfig.username; > urlVars.password = config_model.userConfig.password; > req.data = urlVars; > req.method = URLRequestMethod.POST; > > upload_model.artworkFileRef.upload( req ); > > > Bjorn. > > > On 27/04/2007, at 7:38 AM, Dimitrios Gianninas wrote: > > > > > As some of you may already know, when performing a file upload with > > Flex to a Java servlet, a new session is created not matching the > > existing session the user has with the server when their Flex app > > actually loads. > > > > I've read some posts and see that ppl are appending the JSESSIONID > > to the url to get the same session to be used by the server when an > > upload request is sent by a Flex app. By doing: > > > > var req:URLRequest = new URLRequest("/billing/servlet/ > > FileSvlt;JSESSIONID=" + jSessionId); > > > > But this doesnt work for me.... any reason why? something I am > > doing wrong? > > > > Dimitrios Gianninas > > Developer > > Optimal Payments Inc. > > > > AVIS IMPORTANT > > > > WARNING > > > > Ce message électronique et ses pièces jointes peuvent contenir des > > renseignements confidentiels, exclusifs ou légalement privilégiés > > destinés au seul usage du destinataire visé. L'expéditeur original > > ne renonce à aucun privilège ou à aucun autre droit si le présent > > message a été transmis involontairement ou s'il est retransmis sans > > son autorisation. Si vous n'êtes pas le destinataire visé du > > présent message ou si vous l'avez reçu par erreur, veuillez cesser > > immédiatement de le lire et le supprimer, ainsi que toutes ses > > pièces jointes, de votre système. La lecture, la distribution, la > > copie ou tout autre usage du présent message ou de ses pièces > > jointes par des personnes autres que le destinataire visé ne sont > > pas autorisés et pourraient être illégaux. Si vous avez reçu ce > > courrier électronique par erreur, veuillez en aviser l'expéditeur. > > > > This electronic message and its attachments may contain > > confidential, proprietary or legally privileged information, which > > is solely for the use of the intended recipient. No privilege or > > other rights are waived by any unintended transmission or > > unauthorized retransmission of this message. If you are not the > > intended recipient of this message, or if you have received it in > > error, you should immediately stop reading this message and delete > > it and all attachments from your system. The reading, distribution, > > copying or other use of this message or its attachments by > > unintended recipients is unauthorized and may be unlawful. If you > > have received this e-mail in error, please notify the sender. > > > > > > > > Regards, > > Bjorn Schultheiss > Senior Developer > > Personalised Communication Power > > Level 2, 31 Coventry St. > South Melbourne 3205, > VIC Australia > > T: +61 3 9674 7400 > F: +61 3 9645 9160 > W: http://www.qdc.net.au <http://www.qdc.net.au> > > ((------------This transmission is confidential and intended solely > for the person or organization to whom it is addressed. It may > contain privileged and confidential information. If you are not the > intended recipient, you should not copy, distribute or take any > action in reliance on it. If you believe you received this > transmission in error, please notify the sender.---------------)) > -- WARNING ------- This electronic message and its attachments may contain confidential, proprietary or legally privileged information, which is solely for the use of the intended recipient. No privilege or other rights are waived by any unintended transmission or unauthorized retransmission of this message. If you are not the intended recipient of this message, or if you have received it in error, you should immediately stop reading this message and delete it and all attachments from your system. The reading, distribution, copying or other use of this message or its attachments by unintended recipients is unauthorized and may be unlawful. If you have received this e-mail in error, please notify the sender. AVIS IMPORTANT -------------- Ce message électronique et ses pièces jointes peuvent contenir des renseignements confidentiels, exclusifs ou légalement privilégiés destinés au seul usage du destinataire visé. L'expéditeur original ne renonce à aucun privilège ou à aucun autre droit si le présent message a été transmis involontairement ou s'il est retransmis sans son autorisation. Si vous n'êtes pas le destinataire visé du présent message ou si vous l'avez reçu par erreur, veuillez cesser immédiatement de le lire et le supprimer, ainsi que toutes ses pièces jointes, de votre système. La lecture, la distribution, la copie ou tout autre usage du présent message ou de ses pièces jointes par des personnes autres que le destinataire visé ne sont pas autorisés et pourraient être illégaux. Si vous avez reçu ce courrier électronique par erreur, veuillez en aviser l'expéditeur.