I think expiring the session is overkill - I would just leave the session as it is and use the filter to check and change my own hand-rolled session id.
Adam
On 12/03/2003 08:20 AM Navjot Singh wrote:
don't know why do you wish to do so? but it an be done. Write a filter. pass every request thru that.
1. Fetch the session, expire it. Server will assign new. 2. Fetch the session, don't expire the session, just append a timestamp to it. set a cookie and use that to maintain session.
HTH navjot singh
-----Original Message----- From: Gurpreet Dhanoa [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 03, 2003 11:44 AM To: Struts Users Mailing List Subject: Changing SessionId at every request
HI,
IS it possible to change the Session Id generated by the Web Server at every request for the same client. I wil make it much more clear.
Say i have a Servlet running on Tomcat. what i want is when ever any User lets assume USER A ask for a request i want to change the sessionId server variable which has been gerenrated by the Web Server to uniquely identify the client.
Purpose behind doing this is to make every request safe.
Any suggections will be higly appreciated.
Thanks in Advance Gary
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- struts 1.1 + tomcat 5.0.14 + java 1.4.2 Linux 2.4.20 RH9
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]