ok, so it WAS the encodeURL issue...the session was evaporating because the URL was not encoded. but this begs another question, why dont URLs get autmatically encoded during an action.. for instance I have a "goto" action, and I want to just have the url get encoded automatically on any url I pass to it without having to put the response encode in the JSP page. <action path="/goto" type="com.noi.webapp.contextuon.action.GotoAction" name="goto"> <forward name="login" path="/login.jsp"/> <forward name="home" path="/home.jsp"/> <forward name="contextmgr" path="/contextmgr.jsp"/> <forward name="createcontext" path="/createcontext.jsp"/> </action> <a href="go.do?forward=contextmgr">goto context manager</a> what would I have to add to my action class to accomplish this? public class GotoAction extends Action { public ActionForward perform(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Extract attributes we will need String ls_forward = request.getParameter("forward"); Locale locale = getLocale(request); MessageResources messages = getResources(); HttpSession session = request.getSession(false); if (session != null) { UserMgr user = (UserMgr)session.getAttribute("UsrMgr"); } else System.out.println("session not found"); // Forward control to the specified success URI return (mapping.findForward(ls_forward)); } } I guess I could write a custom tag but that seems like overkill.... Clay -----Original Message----- From: Sven Lauritzen [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, September 05, 2001 7:28 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Session STOMP Hello! Do you have cookies enabled? If not, the session might get lost because you don't append the session id to the URL in your forward-statement. I think it should look like this: <jsp:forward page='<%= response.encodeURL("logon.jsp") %>' /> Tell me if it works. I'm working on a similar problem. Sven spot-media Sven Lauritzen Software-Entwicklung Lange Reihe 2 20099 Hamburg Fon +49-40-248 28 713 Fax +49-40-248 28 888 mailto:[EMAIL PROTECTED] http://www.spot-media.de ----- Original Message ----- From: Clay Graham <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 05, 2001 5:25 PM Subject: Session STOMP > User Crew, > > My sessions are being stomped (or actually being overriden by new ones) > every time I make a new request. They are fine from the form to the action > part, but the second I do a new request the session evaporates. I need to > be able to keep the session around because I have a userMgr object that I > store in the session that I need as long as the user is logged in (old > hat). > > the_session.setAttribute("UserMgr", > l_new_user); > the_session.setMaxInactiveInterval(300); > > so when it gets to the home page for logged in users it gets the user > manager fine: > > Welcome to Contextuon Clay! > session id:8k2hwyjun1 > session attributes: > org.apache.struts.action.TOKEN > org.apache.struts.action.LOCALE > UserMgr > loginForm > and the URL that made that fine message relates to the action handler for > login > http://localhost/contextuon/login.do;jsessionid=8k2hwyjun1 > great....goodness...I saved the user manager to session, now the problem > starts....the user is logged in so they can goto all "user pages", those > pages will actually forward back to the login page if the user is not > logged in. > <jsp:useBean id="UserMgr" scope="session" > class="com.noi.webapp.contextuon.bl.UserMgr" /> > <% if (UserMgr.isActive() == false){%> > <jsp:forward page='logon.jsp' /> > <%}%> > THE PROBLEM: from this point forward any request will stomp the session and > create a new one. The UserMgr is gone on any "user page" because there is > an entirely new session. I use a goto action to make sure I am not leaving > the struts framework and pass a forward directive to the action > handler...(paranoia) > http://localhost/contextuon/goto.do?forward=contextmgr > I tried using the "false" directive in this action > HttpSession session = request.getSession(false); > but that didn't do a thing. > any ideas why my session.....EVAPORATES? > any ideas are appreciated. > > Clay > > > > > > ok, so just to make it clear...I NEVER do this (Except in my logout action > which has not happened), so it ain't me. > > session.removeAttribute("UsrMgr"); > session.invalidate(); > > > > So I don't know why this is happening, or even if its because of struts, it > may actually be Tomcat that is generating new sessions but I found out > about it while writing my my LoginAction class so there ya have it... > > >