Hi Bob, Are you using Cookies just to remember the visitors upon login, or are you using Cookies to assign and trace the whole session? (The other way would be using URL-rewriting on every link.)
Also when accessing the session variables are you using request.getSession(true/false) or request.getSession() in your servlet? > Each JSP has the session page directive set to true. Also, the code that > checks the login information is a servlet. Just BTW: How is that servlet mapped in web.xml? To what URL-pattern? ----- Original Message ----- From: Baker, Robert E <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, April 16, 2002 4:53 PM Subject: Session ID problem (?) > I am working with sessions, which I don't have too much experience with > (yet). In trying to make sure my logout code works correctly, I am printing > the session ID on each page I visit, before and after I log the user out. I > have an index.html page which allows users to login or register. When they > register, I put cookies on their machine to make it easier to log them in > the next time they visit. When they login after the cookies are placed on > their machines, the code automatically skips the login form and goes > straight to the content the site provides. The problem seems to be that two > separate session IDs are created, one by the "home" page (NOT index.html) > and one by the remaining pages. Below is a trace of the pages I'm visiting > in my test, with the session IDs associated with each. > > INDEX.HTML > LOGIN.JSP Session ID : czyf9dp7.224f > <<< LoginServlet >>> > HOME.JSP Session ID : czyf9dp7.e83 (*) > SETTINGS.JSP Session ID : czyf9dp7.224f > FAQ.JSP Session ID : czyf9dp7.224f > CONTACT.JSP Session ID : czyf9dp7.224f > HOME.JSP Session ID : czyf9dp7.224f (#) > LOGOUT.JSP Session ID : czyf9dp7.224f > > < old session was invalidated here > > > INDEX.HTML > LOGIN.JSP Session ID : czyf9dp7.6a03 > <<< LoginServlet >>> > HOME.JSP Session ID : czyf9dp7.72a9 (*) > SETTINGS.JSP Session ID : czyf9dp7.6a03 > FAQ.JSP Session ID : czyf9dp7.6a03 > CONTACT.JSP Session ID : czyf9dp7.6a03 > HOME.JSP Session ID : czyf9dp7.6a03 (#) > > What's really odd is that the first time the home.jsp page is visited (*), > it's ID is different from the others, but the second time (#) it matches. > > Each JSP has the session page directive set to true. Also, the code that > checks the login information is a servlet. > > Any ideas? > Bob > > ___________________________________________________________________________ > To unsubscribe, send email to [EMAIL PROTECTED] and include in the body > of the message "signoff SERVLET-INTEREST". > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > Resources: http://java.sun.com/products/servlet/external-resources.html > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
