This is not a valid address at SNL Securities (http://www.snl.com). Please remove him/her from your mailing list or address book. Your message reads: Received: from snlexch.snl.com (unverified [10.0.1.9]) by mail.snl.com (Rockliffe SMTPRA 4.5.4) with ESMTP id <[EMAIL PROTECTED]> for <[EMAIL PROTECTED]>; Thu, 22 Feb 2001 15:06:43 -0500 Received: by SNLEXCH with Internet Mail Service (5.5.2653.19) id <F3WAVKTC>; Thu, 22 Feb 2001 15:04:24 -0500 Received: from mail.snl.com (SNLDMZBDC [10.0.0.7]) by snlexch.snl.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id F3WAVKTA; Thu, 22 Feb 2001 15:04:18 -0500 Received: from apache.org (unverified [64.208.42.41]) by mail.snl.com (Rockliffe SMTPRA 4.5.4) with SMTP id <[EMAIL PROTECTED]> for <[EMAIL PROTECTED]>; Thu, 22 Feb 2001 15:06:37 -0500 Received: (qmail 29295 invoked by uid 500); 22 Feb 2001 17:12:26 -0000 Received: (qmail 29277 invoked from network); 22 Feb 2001 17:12:23 -0000 Received: from 109-madr-x44.libre.retevision.es (HELO aliatec.local) (62.83.27.109) by h31.sny.collab.net with SMTP; 22 Feb 2001 17:12:23 -0000 Received: from ACONCAGUA by aliatec.local with SMTP (MDaemon.v3.1.1.R) for <[EMAIL PROTECTED]>; Thu, 22 Feb 2001 17:52:54 +0100 Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk Reply-To: [EMAIL PROTECTED] list-help: <mailto:[EMAIL PROTECTED]> list-unsubscribe: <mailto:[EMAIL PROTECTED]> list-post: <mailto:[EMAIL PROTECTED]> Delivered-To: mailing list [EMAIL PROTECTED] From: <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: Thu, 22 Feb 2001 17:37:35 +0100 Subject: RE: Tomcat - Sessions and WAP Browsers Priority: Normal X-mailer: Phoenix Mail 0.92.08 Standard Edition MIME-Version: 1.0 Content-type: multipart/mixed; boundary=-----Phoenix-Boundary-07081998- X-MDRcpt-To: [EMAIL PROTECTED] X-Return-Path: [EMAIL PROTECTED] X-MDaemon-Deliver-To: [EMAIL PROTECTED] Message-ID: <[EMAIL PROTECTED]> X-Spam-Rating: h31.sny.collab.net 1.6.2 0/1000/N -------Phoenix-Boundary-07081998- Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: Quoted-printable Hi!, Actually, WAP protocol does not support cookies (at least the version I = worked on). You have to deal with URL Rewriting, in order to include the session ID = into the requested URL. Once there, tomcat automatically reads the = session=20 ID from the URL instead of using the cookie. This is the same as when=20 programming standard HTML pages with browsers without cookies support. Take a look to the 'HttpServletResponse' class and the method = 'encodeURL'.=20 This will made the task of including the Session ID in the URL if = needed. Hope this helps. Regards Bob. =09 ------------------------------ > The real problem I am running into is that most WAP browsers don't = support > cookies and thus the storing of session data in the cookie. I use = Tomcat=20 as > my servlet engine, and I have a secured part of my site.=20 > > How Tomcat works in a web environment is this. When you request a = page=20 that > is secured, tomcat places the session variable > 'tomcat.auth.originalLocation' into the session. This variable holds = onto > the requested URL. After placing the variable into the session, it=20 forwards > you to your specified login page i.e. '/secure/login.jsp'. Upon = successful > login/authentication it will forward you to the page referenced in = the > 'tomcat.auth.originalLocation' session variable, along with placing a = few > more variables in the session. > > This becomes a problem in the WAP browser environment because none of = the > WAP browsers support cookies, thus cannot get access to the session=20 variable > 'tomcat.auth.originalLocation'. > > Hope this makes more sense? > > Thanks for your thoughts, > > Bob ------------------------------ -------Phoenix-Boundary-07081998- Content-Type: text/plain; charset=us-ascii --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED] -------Phoenix-Boundary-07081998--- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED]