Web server can use three mechanisms to store the sessionid. 1. The SSL session id 2. The session id stored in a cooke 3. URL rewriting like you describe
If you configure your web server to have persistent sessions it should be able to share the session in a load balancing scenario. If you use cookies to store all your state information you could ignore HttpSessions all together. There may also be an elegant way to use a filter to save and restore session state from the cookie. The performance hit of persistent sessions is something to keep in mind. Corneil du Plessis Technical Specialist Internet Development Retail Channels Standard Bank Direct +27 (11) 636-2210 Mobile +27 (83) 442-9221 ICQ# 66747137 -----Original Message----- From: Brett Elliott [mailto:[EMAIL PROTECTED]] Sent: 14 October, 2002 07:07 To: [EMAIL PROTECTED] Subject: Struts and state information I would like to keep session state soley in cookies so I can use round robin HTTP load balancing versus sticky load balancing(sticky load balancing as in all requests are directed at a specific web server for a given user. I read Professional JSP, perused this mailing list and looked on the web and nothing really elaborates on where the state is stored by default. I see how the <html:link> </html:link> directive is translated into <a href=http://...;jsessionid=X></a> but where does it get X and where does it store the session information related to X? Does it rely on the jsession ID being passed around in URLs then keep the associated session information cached on the server? So if you have multiple servers you will need to use sticky load balancing to make sure users only use one webserver? What options are there in case I want to keep all session state in cookies? That is, ideally, I would generate an encrypted cookie w/ CRC containing the logged in username and minimal information about the user. And I would like to do this within the confines of Struts. Thanks for any help and I aplogize if this is a redundant question. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> ______________________________________________ Disclaimer and confidentiality note Everything in this e-mail and any attachments relating to the official business of Standard Bank Group Limited is proprietary to the company. It is confidential, legally privileged and protected by law. Standard Bank does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Standard Bank. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Standard Bank can not assure that the integrity of this communication has been maintained nor that it is free of errors, virus, interception or interference. ______________________________________________ -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
