You're 100% right, thanks for pointing that out. Requires Servlet 2.3-compliant web server though.
--joe > -----Original Message----- > From: Karr, David [mailto:david.karr@;attws.com] > Sent: Thursday, November 14, 2002 3:23 PM > To: Struts Users Mailing List > Subject: RE: Disabling jsessionid parameter in Struts forms > > > > > > > My understanding (and I'd be pleased to be wrong) is that with > > > non-customized Struts, imposing a rule like this and keeping the > > > jsessionid always out of the URL is not possible. This seems > > > restrictive, and perhaps should be re-evaluated. > > > > This is so easy to implement yourself it barely even bears > > discussing. Create an abstract Action super-class, check to > > see if cookies are enabled, and if they aren't, block access > > and give the user an error message to that effect. You could > > have written it in the time you composed this email. > > Couldn't this also be done with a Filter? That would > probably be better, as otherwise you'd have to change all of > your Action classes to derive from a new class. If you're > already inheriting from a custom Action base class, then that > would be fine. > > -- > To unsubscribe, e-mail: > <mailto:struts-user-unsubscribe@;jakarta.apache.org> > For additional commands, e-mail: > <mailto:struts-user-help@;jakarta.apache.org> > > -- To unsubscribe, e-mail: <mailto:struts-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:struts-user-help@;jakarta.apache.org>