I'm not entirely sure I understand your problem, but I'll take a stab at it anyway....
Typically, you don't need to worry about where the sessionid comes from. Anywhere you send a redirect or put a link in a JSP or servlet generated html, you should ALWAYS use HttpServletResponse.encodeURL() or HttpServletResponse.encodeRedirectURL(). Once tomcat knows whether or not the browser is using cookies, it will encode the URL as needed. If cookies are enabled, the URL will be unchanged. If no cookies, the session ID will be inserted. Tomcat does this for you. You don't need to worry about it, just encode ALL URLs. Jeff ----- Original Message ----- From: "Michael" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, March 28, 2002 4:16 AM Subject: session from URL/Cookie > > Hi! > > (tomcat 3.3.1) > > *** please help! *** > > my question (short version;-): > client supports cookies and makes a request with session-encoded URL: > request: http://myserver/testservlet;jsessionid=12121212 > isRequestedSessionIdFromURL() is false > isRequestedSessionIdFromCookie() is true > and > getRequestURI() won't show the encoded sessionid!!! > > so how to find out, that the URL is encoded??? > > > question (long version): > > If a client request comes with no session (or an invalid session) I do: > > session = request.getSession(true); //create session > result.sendRedirect(result.encodeRedirectURL(request.getRequestURI())); //redirect to the same page, so the next request comes with valid session > > - tomcat can't know, whether my browser supports cookies the time it creates the >session or not > - so it encodes the sessionid into the URL > - after the redirect, I can check, if the client's browser supports cookies (isRequestedSessionIdFromURL() /Cookie()) - this works in any case, because the URL is encoded!!! > my problem: > - now I would like to make another redirect, if the browser supports cookies (so the sessionid won't be visible in the URL again) or leave the session id in the encoded URL (if it doesn't support cookies) > > BUT how to check, if the sessionid is encoded into the URL, when the browser supports cookies??? > isRequestedSessionIdFromURL() is false > isRequestedSessionIdFromCookie() is true > and > getRequestURI() won't show the encoded sessionid!!! > > an example: > client request: http://myserver/testservlet (no session) > -> create new session - redirect to same page > client request: http://myserver/testservlet;jsessionid=12121212 > -> now tomcat sees if the browser supports cookies or not - but how do I recognize, >that the URL is encoded? > another redirect to the same page would do > request: http://myserver/testservlet;jsessionid=12121212 > request: http://myserver/testservlet > > > thanks > michi -------------------------------------------------------------------------------- > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
