Well, one option I can think of would be to send a non-"per session" cookie
(with an EXPIRES attribute) - you probably will need to disable tomcat from
sending cookies as sending 2 "JSESSIONID" cookies will probably confuse the
browser! (this is configured in Tomcat with cookies="false" attribute in the
Context for your webapp).
The following code should go at the very top of page(s) that are accessed
frequently by users - this will generate a "persistent" cookie. The example
uses a cookie that will expire after 24 hours - the time will be updated
each time they hit the page - so should expire 24 hours after their last
access of your app.
Presumably you'll also need to set the expiration time for the session to at
least 24 hours, too - so when the cookie is sent back to the server the
session still exists! (Hopefully you don't have too many users so session
state will not use too much memory!).
<%
// Setup a calendar to calculate the expires date and time (in GMT)
java.util.Calendar expires = java.util.Calendar.getInstance();
expires.setTimeZone( java.util.TimeZone.getTimeZone("GMT") );
// Add-on number of hours, e.g. 24 hours
expires.add( java.util.Calendar.HOUR, 24 );
// Create a format object to output the date and time in the desired
format (and in GMT)
java.text.SimpleDateFormat format = new java.text.SimpleDateFormat("EEE,
dd MMM yyyy HH:mm:ss zzz",java.util.Locale.US);
format.setTimeZone( java.util.TimeZone.getTimeZone("GMT") );
// Send a cookie with the required information
response.setHeader("Set-Cookie","JSESSIONID="+ session.getId() +";
EXPIRES="+ format.format(expires.getTime()) +"; PATH=/");
%>
NB: Code has been written with fully-qualified classes so it will run "as
is" - alternatively shorten the classes and us page imports.
I've quickly checked code - it does compile and does send a cookie but you
may need to check syntax of the cookie sent.
Let me know if it works!
Hue.
> -----Original Message-----
> From: Billy Ng [mailto:[EMAIL PROTECTED]
> Sent: 16 August 2003 06:36
> To: Struts Users Mailing List
> Subject: Re: persisting session id
>
>
> Can I put the JSESSIONID in the persistent cookie? When user hit
> the page,
> will the serlvet pick up the JSESSIONID from the cookie instead of memory?
>
> Billy Ng
>
> ----------------------------------------------------
> This mailbox protected from junk email by Matador
> from MailFrontier, Inc. http://info.mailfrontier.com
>
> ----- Original Message -----
> From: "Max Cooper" <[EMAIL PROTECTED]>
> To: "Struts Users Mailing List" <[EMAIL PROTECTED]>;
> "Billy Ng"
> <[EMAIL PROTECTED]>
> Sent: Friday, August 15, 2003 10:06 PM
> Subject: Re: persisting session id
>
>
> > You will lose the session when you close the browser. The session cookie
> is
> > not persistent, which means your browser will "forget" the
> session id when
> > it shuts down. In addition to that, the app server will destroy old
> sessions
> > after a timeout period that can be set in web.xml (usually 90 minutes or
> > less).
> >
> > Do you want persistent logins, or are there other things in the session
> you
> > wish to preserve? If you just want persistent logins, a "remember me"
> > feature is coming together for SecurityFilter
> (http://securityfilter.org/)
> > that should be available in the next few months. Note that
> things added to
> > the session in the last session will not be present when you
> return -- you
> > are just automatically logged in again.
> >
> > -Max
> >
> > ----- Original Message -----
> > From: "Billy Ng" <[EMAIL PROTECTED]>
> > To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
> > Sent: Friday, August 15, 2003 11:12 AM
> > Subject: persisting session id
> >
> >
> >
> > Hi folks,
> >
> > This is really a tomcat related question, but I have no luck in tomcat
> > ailing list. My question is I will lose the session everytime
> I close the
> > browser. Is there a way to persist the session even I close
> the browser?
> >
> > Thanks!
> >
> > Billy Ng
> >
> >
> > ----------------------------------------------------
> > This mailbox protected from junk email by Matador
> > from MailFrontier, Inc. http://info.mailfrontier.com
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.510 / Virus Database: 307 - Release Date: 14/08/2003
>
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.510 / Virus Database: 307 - Release Date: 14/08/2003
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
