Hi Mike,
At 28.01.2002 11:05, you wrote:
>No, that's not exactly correct. Tomcat performs URL rewriting in its default
>configuration. So sessions are not 'only' possible if cookies are enabled.
>
>As a first line of defense, your JSP/servlets should be using the encodeURL
>or encodeRedirectURL m
> Is it correct, that session tracking with TOMCAT is only possible if
> Cookies are allowed in the browser. Or is there any configuration
> possibility to use URL rewriting if a browser has cookies disabled?
You can use URL rewriting, but it will also require that your HTML server
(Apache?) be
No, that's not exactly correct. Tomcat performs URL rewriting in its default
configuration. So sessions are not 'only' possible if cookies are enabled.
As a first line of defense, your JSP/servlets should be using the encodeURL
or encodeRedirectURL methods to ensure that any user that has cookies
