I hit the "send" button by mistake before I had finished. So, here is the
end of the story :
On the first request, session is new. A cookie is sent with the response and
the urls get rewritten in case the cookie will not be accepted. You can
verify this by looking at the link in the page displayed by TestSession. On
subsequent requests, the cookie is receivend so the urls do not need to be
rewritten.
Pierre-Yves
-----Message d'origine-----
De : A mailing list for discussion about Sun Microsystem's Java Servlet
API Technology. [mailto:[EMAIL PROTECTED]]De la part de
Pierre-Yves Saumont
Envoy� : vendredi 18 mai 2001 10:23
� : [EMAIL PROTECTED]
Objet : Re: Session & Database connection
In fact, with Tomcat 3.1, both isRequestedSessionIdFromCookie() and
isRequestedSessionIdFromURL() return true on the first recurring request (I
mean the first request that include session ID) if the URL was rewrited. On
subsequent requests, if sessionID is present in both cookie and URL, only
isRequestedSessionIdFromCookie() will return true.
Pierre-Yves
-----Message d'origine-----
De : A mailing list for discussion about Sun Microsystem's Java Servlet
API Technology. [mailto:[EMAIL PROTECTED]]De la part de
Nevarez, Benjamin
Envoy� : vendredi 18 mai 2001 00:16
� : [EMAIL PROTECTED]
Objet : Re: Session & Database connection
Yes, this example is very interesting.
In both my IE and Netscape browsers, URL is used always the first time.
After that, if cookies are enabled the servlet will use it, if not it will
use URL again.
Benjamin
-----Original Message-----
From: Pierre-Yves Saumont [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 17, 2001 7:47 AM
To: [EMAIL PROTECTED]
Subject: Re: Session & Database connection
Here is an example to play with :
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class TestSession extends HttpServlet {
public void doGet( HttpServletRequest request,
HttpServletResponse
response)
throws IOException,
ServletException {
response.setContentType("text/html");
PrintWriter pw = response.getWriter();
HttpSession session = request.getSession();
pw.println("<p>Session is new : " + session.isNew());
pw.println("<p>Session ID : " + session.getId());
pw.println("<p>Session is from cookie : " +
request.isRequestedSessionIdFromCookie());
pw.println("<p>Session is from URL : " +
request.isRequestedSessionIdFromURL());
pw.println("<p><a href='" +
response.encodeURL("TestSession") + "'>New request</a>");
}
}
Try this servlet with as many browsers you can, with cookies enabled and
disabled. Observe not only the page displayed, but also the address field in
the browser window. Everyhing will become clear !
Pierre-Yves
-----Message d'origine-----
De : A mailing list for discussion about Sun Microsystem's Java Servlet
API Technology. [mailto:[EMAIL PROTECTED]]De la part de
Pierre-Yves Saumont
Envoy� : samedi 28 avril 2001 23:19
� : [EMAIL PROTECTED]
Objet : Re: Session & Database connection
The answer to this question is specific to each browser. If the session is
from cookie, the cookie might be sent to the server when the new window is
open, because the browser would open this window with the same document that
is in the first window, sending the same request to the server (as if you
had reloaded the page.) This is the way IE 5.5 works. This is browser
specific. Netscape 4.7 opens a blank page, but it sends the cookie if you
access the same url.
If the session is from rewrited URL, it wont work that way. You will only
get session traking through urls that you will have sent back to the browser
after having encoded them. The difference is important :
- With cookie, you get the same session as soon as you reload the page.
- With rewrited url, you get the same session only if you reload the page
from the rewrited url.
So with session from url, when you open a new window with Netscape, you wont
get your session in that window. With IE, you wil get your session only if
the rewrited URL had been used at least once in the former window.
As this might sound a bit confusing, I suggest you test all that stuff. For
this purpose, I just wrote a tiny servlet you can use :
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class TestSession extends HttpServlet {
public void doGet( HttpServletRequest request,
HttpServletResponse
response)
throws IOException,
ServletException {
response.setContentType("text/html");
PrintWriter pw = response.getWriter();
HttpSession session = request.getSession();
pw.println("<p>Session is new : " + session.isNew());
pw.println("<p>Session ID : " + session.getId());
pw.println("<p>Session is from cookie : " +
request.isRequestedSessionIdFromCookie());
pw.println("<p>Session is from URL : " +
request.isRequestedSessionIdFromURL());
pw.println("<p><a href='" +
response.encodeURL("TestSession") + "'>New
request</a>");
}
}
Try this servlet with as many browsers you can, with cookies enabled and
disabled. Observe not only the page displayed, but also the address field in
the browser window. Everyhing will become clear !
Pierre-Yves
-----Message d'origine-----
De : A mailing list for discussion about Sun Microsystem's Java Servlet
API Technology. [mailto:[EMAIL PROTECTED]]De la part de roy
woods
Envoy� : samedi 28 avril 2001 13:00
� : [EMAIL PROTECTED]
Objet : Re: Session & Database connection
--- Pierre-Yves Saumont <[EMAIL PROTECTED]> wrote:
> Nearly. That's it probably shouldn't be done that
> way.
>
> Pierre-Yves
Let me ask one question. How about if the user opens
up another browser window after login. How sessions
are managed then? I know this was discussed many times
before but not to my satisfaction. Can anyone shed
light on that one please?
roy_
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
