Re: session tracking in a context that contains JSP and servlets

On 9/22/05, Mark <[EMAIL PROTECTED]> wrote: > I would think that this is possible. I have been writing servlets for > over a year, but have not written a single line of JSP. Technically speaking each JSP is actually a servlet... more or less. Everything that works in the server works in the j

Re: session tracking in a context that contains JSP and servlets

I would think that this is possible. I have been writing servlets for over a year, but have not written a single line of JSP. On 9/21/05, David Wall <[EMAIL PROTECTED]> wrote: > Mark wrote: > > >I want to create a webapp that will contain both servlets and JSP. I > >will be using a login pag

Re: session tracking in a context that contains JSP and servlets

Mark wrote: I want to create a webapp that will contain both servlets and JSP. I will be using a login page to authenticate users. I will probably use one of the Tomcat supported authentication modules. I am wondering if it is possible for tomcat to properly manage session information when go

Re: Session Tracking

Thanks for e-mail's. I am new to these technologies & learning on my own, I will read on java language and session mgmt. Thanks again. R. --- Brian Cook <[EMAIL PROTECTED]> wrote: > > As well as the rules for session management. > > Wade Chandler wrote: > > I think you need to read up on the j

Re: Session Tracking

As well as the rules for session management. Wade Chandler wrote: I think you need to read up on the java language a bit. See what static and final mean. Wade --- Raghaw Goswami <[EMAIL PROTECTED]> wrote: Thanks for the e-mail: First time it was 0 , then 1 , This is when the browser wa

RE: Session Tracking

I think you need to read up on the java language a bit. See what static and final mean. Wade --- Raghaw Goswami <[EMAIL PROTECTED]> wrote: > Thanks for the e-mail: > First time it was 0 , then 1 , This is when the > browser was closed and opened then it never > incremented was always 0 when b

RE: Session Tracking

Thanks for the e-mail: First time it was 0 , then 1 , This is when the browser was closed and opened then it never incremented was always 0 when browser was closed and opened. I am attaching the Showsession.java file for reference. May be i am missing some thing if the variable is made static ho

Re: Session Tracking

Of corse it doesn't. If you close the browser you are killing the session. So when the browser reopens it is getting a new session object. This is exactly how it is supposed to work. You might be be able to store the value in a cookie, but if the user blocks them or has set their browser

RE: Session Tracking

Does it not increment at all or does the increment counter gets reset and starts all over again from 0. Basically if you want to keep the counter incrementing everytime you access that page (or hit that that servlet) you need to make it a static variable in your servlet/jsp. -Original Message-

RE: session tracking

Hi, Didn't anyone tell you to RTFM? That's a bit surprising... Anyways, RTFM at http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/context.html on the "cookies" context attribute. Try setting it to false. Yoav Shapira http://www.yoavshapira.com >-Original Message- >From: [EMAIL PR

Re: session tracking enforcement

> In my case it looks like I do have encode all URLs: firewall problem > with stripping out sessionId left me with no choice ;) Is it right > way of doing it? ACK! There's a firewall that's stripping out session ids from URLs but will let cookies through? There's a security no-brainer in charge.

Re: session tracking enforcement

In my case it looks like I do have encode all URLs: firewall problem with stripping out sessionId left me with no choice ;) Is it right way of doing it? Thanks a lot. Mark. --- David Wall <[EMAIL PROTECTED]> wrote: > > But that's details, the main point I made still holds, and that's > that > > t

Re: session tracking enforcement

> But that's details, the main point I made still holds, and that's that > the Servlet Spec mandates Tomcat's behavior in this area. Absolutely, Yoav! I certainly didn't mean to imply anything negative about your response, only that the original inquiry could be handled/checked by his application

RE: session tracking enforcement

Is it true, that new sessionId will be resend if a new session get created? --- "Shapira, Yoav" <[EMAIL PROTECTED]> wrote: > > Hi, > > >Session cookies (those that don't persist) are becoming quite > common > >actually because even small devices are able to keep that bit of > session > >state qu

RE: session tracking enforcement

Hi, >Session cookies (those that don't persist) are becoming quite common >actually because even small devices are able to keep that bit of session >state quite easily. Ahh yes, small devices. Good point. I based my earlier assertion on research I read recently showing a (and this is a good th

Re: session tracking enforcement

> >Is there any way to enforce a session cookie (JSESSIONID)to be send > >to the client (browser) from servlet. > > No, because the Servlet Spec says Servlet Container must work even on > clients that don't support cookies (or have cookies turned off, which is > becoming a more and more common use-

RE: session tracking enforcement

Hi, >Is there any way to enforce a session cookie (JSESSIONID)to be send >to the client (browser) from servlet. No, because the Servlet Spec says Servlet Container must work even on clients that don't support cookies (or have cookies turned off, which is becoming a more and more common use-case)

RE: Session Tracking based on the Client's IP

OTECTED]] > Sent: Thursday, November 21, 2002 7:32 AM > To: Tomcat Users List > Subject: Re: Session Tracking based on the Client's IP > > > But, How can I change the SessionID, for using the Client IP > as the Index? > The getSession() method retrieves the Session for

Re: Session Tracking based on the Client's IP

TED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Thursday, November 21, 2002 9:01 AM Subject: Re: Session Tracking based on the Client's IP > Hi , > request.getRemoteAddr() will give u the IP > Put time with session and compare when there is new request &g

Re: Session Tracking based on the Client's IP

Hi , request.getRemoteAddr() will give u the IP Put time with session and compare when there is new request jabs - Original Message - From: "Power-Netz (Schwarz)" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Thursday, November 21, 2002 3:33 PM Subject: AW: Sessio

Re: Session Tracking based on the Client's IP

From: "Norbert Kuhnert" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Wednesday, November 20, 2002 1:51 PM Subject: Re: Session Tracking based on the Client's IP > > Jose, > > Unfortunately, this approach would be somewhat unrel

Re: Session Tracking based on the Client's IP

Is there any way of keeping track of people that contact a site? I have had problems with people writing automated scripts to abuse a JSP based service. What they basically do is to write a script that fakes a http request sequence, pretending it is a browser like IExporer or Netscape. I realis

Re: Session Tracking based on the Client's IP

Jose, Unfortunately, this approach would be somewhat unreliable, depending on the sites accessing Tomcat. Most corporate networks are protected by a firewall and many of the do "Dynamic Network Address Translation". Dynamic NAT is used to hide the real IP address of clients connected from the int

Re: session tracking using URL rewriting & META=refresh

It looks like no one had to deal with this earlier. I made a work around, not fancy but works. I used: and in this page for etc., I used: > -Sri At 10:27 AM 8/29/2002, Srinadh Karumuri wrote: >Hi, > >I know there are two ways of session tracking in Tomcat 3. >1. Cookies based: This is out of

Re: Session Tracking cookie

On Wed, 28 Aug 2002, Sarkar, Sudipta wrote: > Hi, >I am using Tocat 3.2.1 on Win 2000. As Tomcat uses a cookie name > JSESSIONID to track httpsession, is there any way to change the name > of this cookie. I don't think so. But why would you want to? (Well, actually, you probably could, but

Re: Session tracking problem with Tomcat 4.0.3, Apache 2.0.39 andmod_proxy

Unfortunately I think you might need to run multiple instances of Tomcat in that case:( As you can't give multiple webapps a cookie with a "/" path. If you find any other solutions, however, please let me know:) Liam Morley Rick Mills wrote: >Hi > >Thanks for that, it was exactly what was hap

Re: Session tracking problem with Tomcat 4.0.3, Apache 2.0.39 and mod_proxy

Hi Thanks for that, it was exactly what was happening! Moving the context for the bodypainting WAR file to root, and changing the proxy pass to map http://www.bodypainting.co.uk/ to http://localhost:8000/ has fixed the problem, and my session tracking now works as expected. I now need to work o

Re: Session tracking problem with Tomcat 4.0.3, Apache 2.0.39 andmod_proxy

Rick, I'm pretty sure that this is the same issue that I've experienced. First, try mapping to "/bodypainting/" instead of "/". See if you get a cookie there. Then, if you have a browser that allows you to inspect session cookies (mozilla is good for this), check the path of your session cook

Re: Session tracking between http to https

mh asked: > but I can't retreive session between my two servlet. > > Can someone give me some code advice to perform this ? Check the archives? -- To unsubscribe: For additional commands: Troubles with the list:

RE: Session Tracking throughout apps

Unfortunately, I think the answer to your question is "it depends". You could code the controller servlet to handle all of the requests, in which case you would want to make it as small and fast as possible. Possibly get the session info, request a login if there is no session (if that is a requi

RE: Session tracking across virtual hosts?

to:[EMAIL PROTECTED]]On Behalf Of Craig R. McClanahan > Sent: Friday, December 07, 2001 10:38 PM > To: Tomcat Users List > Subject: RE: Session tracking across virtual hosts? > > > > > On Fri, 7 Dec 2001, Neil Aggarwal wrote: > > > Date: Fri, 7 Dec 2001 21:14:47 -0600

RE: Session tracking across virtual hosts?

On Fri, 7 Dec 2001, Neil Aggarwal wrote: > Date: Fri, 7 Dec 2001 21:14:47 -0600 > From: Neil Aggarwal <[EMAIL PROTECTED]> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]> > To: Tomcat Users List <[EMAIL PROTECTED]> > Subject: RE: Session tracking across virtua

RE: Session tracking across virtual hosts?

t > Subject: Re: Session tracking across virtual hosts? > > > > > On Fri, 7 Dec 2001, Neil Aggarwal wrote: > > > Date: Fri, 7 Dec 2001 13:18:32 -0600 > > From: Neil Aggarwal <[EMAIL PROTECTED]> > > Reply-To: Tomcat Users List <[EMAIL PROTECTED

Re: Session tracking across virtual hosts?

On Fri, 7 Dec 2001, Neil Aggarwal wrote: > Date: Fri, 7 Dec 2001 13:18:32 -0600 > From: Neil Aggarwal <[EMAIL PROTECTED]> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]> > To: Tomcat-User <[EMAIL PROTECTED]> > Subject: Session tracking across virtual hosts? > > Hello: > > I am developing a we

RE: session tracking documents,how-to...

http://java.sun.com look at the servlet specification Filip ~ Namaste - I bow to the divine in you ~ Filip Hanik Software Architect [EMAIL PROTECTED] www.filip.net -Original Message- From: João Folha [mailto:[EMAIL PROTECTED]] Sent: Monday, April 02, 2001 10:13 AM To: [EMAIL PROTECTED]

Re: Session tracking not working - POSTing FORMs

David Crooke wrote: > Use an encoded URL for the ACTION parameter of the FORM tag. Side note - with JServ this works for POSTed forms, but wouldn't work with forms using the GET method, since JServ used a querystring argument for its rewriting > > > David Wall wrote: > > > > The most likely exp

Re: Session tracking not working - POSTing FORMs

Use an encoded URL for the ACTION parameter of the FORM tag. David Wall wrote: > > The most likely explanation is that you are using instance variables in > > your servlets, instead of local variables, to represent the information > > for a particular request. These variables are shared across

Re: Session tracking not working - POSTing FORMs

On Fri, 23 Mar 2001, David Wall wrote: > > The most likely explanation is that you are using instance variables in > > your servlets, instead of local variables, to represent the information > > for a particular request. These variables are shared across all of the > > simultaneous requests to

Re: Session tracking not working - POSTing FORMs

> The most likely explanation is that you are using instance variables in > your servlets, instead of local variables, to represent the information > for a particular request. These variables are shared across all of the > simultaneous requests to the same servlet, so it's easy for one request to

Re: Session tracking not working

On Fri, 23 Mar 2001, Neil Aggarwal wrote: > Hello: > > I have tried tomcat 3.2.1 and 3.2.2 (4.0 bombed so I could not > try it) and I am getting this problem: > > I am creating a member-based site. Each tiem a member > logs in, I create a User object for them and store it > as a session attr

Re: Session Tracking Problem

Rajeev Bakhru typed the following on 03:24 PM 1/17/2001 -0500 >On the login jsp page in the application, I used a servlet and created a >session with >HttpSession session = req.getSession(true) ... >Then on this page (b) , I used > and passes the same variable again to >the another page (c). Che

Re: session tracking

David Wall typed the following on 09:08 AM 1/15/2001 -0800 >> if (session == null) { >> session = request.getSession(true); >> response.sendRedirect(response.encodeURL()); >> return; >> } > >Since this is a redirect, why aren't you using response.encodeRedirectURL()? >Does it not work?

Re: session tracking

> if (session == null) { > session = request.getSession(true); > response.sendRedirect(response.encodeURL()); > return; > } Since this is a redirect, why aren't you using response.encodeRedirectURL()? Does it not work? What is the difference anyway between those two? David -

RE: session tracking

://www.foo.com/myservlet?jsession=asf2e4234asdf - Chris. Brainbench MVP Java2 > -Original Message- > From: Regis Muller [mailto:[EMAIL PROTECTED]] > Sent: 15 January 2001 13:34 > To: [EMAIL PROTECTED] > Subject: Re: session tracking > > > Thanks but how could

RE: session tracking

> > Thanks but how could it work when clicking on netscape reload button ? > I haven't tried this but why not the below? response.sendRedirect(response.encodeURL(address)); --- Michael Wentzel Software Developer http://www.aswethink.com">Software As We Think mailto:[EMAIL PROTECTED]">Michael

Re: session tracking

Thanks but how could it work when clicking on netscape reload button ? Christopher Kirk wrote: > For session tracking to work, look at the following 2 methods > > resonse.encodeURL > and > response.encodeRedirectURL > > In this way, session tracking will only work when following links because >

RE: session tracking

For session tracking to work, look at the following 2 methods resonse.encodeURL and response.encodeRedirectURL In this way, session tracking will only work when following links because URL re-writting requires a link to modify whereas cookies go by the domain within the HTTP request. So, to m