DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11129>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11129 New valve for putting the sessionIDs in the requestURI Summary: New valve for putting the sessionIDs in the requestURI Product: Tomcat 4 Version: 4.1.8 Platform: All URL: http://entity38.de/develop/SIDValve/ OS/Version: All Status: NEW Severity: Enhancement Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] The idea behind this valve ist to encode the session id at the beginning of the requestURI as if the session id were a directory: http://localhost:8080/SID414B8C73851AB59D04DEC5A4A79AF0B3/examples/test.jsp The advantage over the response.encodeURL() method is a) you don't have to encode every url by hand and b) it also works with html pages as long as you only use relative links. An other advantage is, that this pages are certainly not cached, even by older proxy caches like wingate and you don't need cookies. This valve only filters the the sessionID out of the requestURI and sets it in the request. To get the sessionID into the requestURI you have to insert the following code at the beginnig of every jsp-page (e.g. with an jsp-include). if(session.isNew()) { String uri = "/SID" + session.getId() + request.getRequestURI(); response.sendRedirect(uri); return; } -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>