Well, the cookie is written but RAM memory must be allocated for these users as well, right? If you have a timeout set to 30 minutes, you've got a lot of little pieces of RAM being held by these users at any given time. Seems waistful to me, regardless how small they are. It just seems silly to be writing cookies for every page, regardless of whether you need one. Well, no - no I don't use any filters, I do have that directive for no session and I do have the cookies="false" in my server.xml. I guess I'll take another look but everything I've been tyring isnt' working. grrr.
Mike Curwen <[EMAIL PROTECTED]> wrote: I think it's slightly unfair to characterise the 'on by default' as a 'huge' waste of resources. As Yoav mentioned, the session object is essentially empty and very small. If you don't use it, it should not be a problem. As for 'RAM resources to write a cookie...', that's accomplished on the client, so no load on our server. Also, because it's "on by default", you need to ensure that every single JSP includes the 'no session please' directive. Missing it once will create a session for every user that hits the page. Look for this especially in some sort of 'meta' page (like header.jsp or login.jsp or footer.jsp) which are included in any number of other pages. As for filters, people are referring to any javax.servlet.Filter classes you may have written. > -----Original Message----- > From: neal cabage [mailto:[EMAIL PROTECTED] > Sent: Tuesday, January 20, 2004 3:48 PM > To: Tomcat Users List; [EMAIL PROTECTED] > Subject: Re: Tomcat - Automatically writes a session? > > > Unfortunately this isn't working either. In addition to the > directive in my JSP, I have also > set the cookies="false" attribute in my server.xml file, for > the host in question. It is *still* happening! > > Perhaps this is a Tomcat bug, as previously suggested? > Correct me if I'm wrong, but doesn't this imply a *HUGE* > waist of RAM resources to be writing a cookie like this by > default? Why on earth would a web app do this by default? > Are there any other ways to shut it off? It was mentioned in > the previous thread to look at the servlet being compiled, > which may be a good idea - but I don't know what the solution > will be if it is in fact compiling the servlet incorrectly. > Any other config opps to choke it off? > > Neal > > > Torsten Fohrer wrote: > > tomcat sents automatically a cookie named jsessionid for > session maintain to a > browser. with cookies="false" as a context attrribute you > disable this > behaviour > > > > from tomcat documentation: > > ------ > cookies > > Set to true if you want cookies to be used for session identifier > communication if supported by the client (this is the > default). Set to false > if you want to disable the use of cookies for session identifier > communication, and rely only on URL rewriting by the application. > ---- > > or http://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/context.html > > cu Torsten Fohrer > > > On Tuesday 20 January 2004 20:58, you wrote: > > Verify in your JSP's .java file that sessions are really > being turned > > off. Look to see if there is a > > session=pageContext.getSession() > > > > Also, I think the call to > > pageContext = _jspxFactory.getPageContext(..... > > > > Needs to have "false" as the 3rd to last argument. > > > > >>> [EMAIL PROTECTED] 1/20/04 12:39:54 PM >>> > > > > Neal wrote: > > >I used the tag "" which does appear correct, > > >but I'm still seeing that header: > > > > > >"Set-Cookie: JSESSIONID=97C8777F16379B8EC2CD17273CE35C3C; Path=/" > > > > > >There are two reasons why I want to get rid of this: > > > > > >1. I assume I'm waiting server resources holding open a > session for > > >every user, unnecessarily. > > > > > >2. I've been told this may prevent Google from properly > spidering the > > >site. > > > > > > > > >Can you please shed any more light on how to fix this potential > > > > issue? > > > > > > > > Probably not, but I will try... > > > > Did you clear the cookies on your browser? If the browser is saying > > "Hi! XXX is my session ID", then, (iif that session > exists), tomcat is > > free > > > > of saying "Hi! keep your session ID, which is XXX" > > > > Other than that, no idea. I have never struggled to avoid cookies. > > Sorry. I was only echoing something I have read in the past. > > > > > > Antonio Fiol > > > > Jeff Tulley ([EMAIL PROTECTED]) > > (801)861-5322 > > Novell, Inc., The Leading Provider of Net Business Solutions > > http://www.novell.com > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------- > Do you Yahoo!? > Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------- Do you Yahoo!? Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
