> -----Original Message----- > From: Nagiel, Shahak (Mission Systems) [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 09, 2004 11:33 AM > To: [EMAIL PROTECTED] > Subject: More generic cookie question > > > We have a customized login/authentication scheme in our site, > using an extended Struts ActionMapping class. The > authentication check itself (handled in our extended > ActionServlet class) is simple: if the user has a username, > proceed, otherwise forward to the login page. In order to > smoothly handle session timeouts, right before forwarding to > the login page, we capture the incoming request and save it > as a session attribute (this session being brand new). Then, > assuming a successful login, we proceed to that originally > requested URL, and pass along whatever parameters were > contained in it. (This allows submission of a form after the > original session timed out.) > > This approach works fine with cookies enabled, but with > cookies disabled, it appears the new session is not > persisting that request after timing out. Does anyone have > any clues about what's going on here? Is the lack of cookie > access somehow requiring an additional round-trip to the > server that's preventing this from working?
Yes.... iirc struts will figure out for you if it's using cookies or url rewriting for session management. This figure out process is two step... first time it checks for cookies and then if none, switches to url rewriting. It looks like you're interfering with that process. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
