Hi Bill,
In my case, I can't use taglibs since I am generating the code dynamically.
But even if I could use taglibs, then part of what the taglib does is really
using response.encodeURL("second.jsp") to do the URL rewriting without you
having to worry about it. So, I think the ultimate answer is that yes, I
need to do URL rewriting for each individual link in my server manually if I
want user connections to have a session associated with them; any link that
I don't do this for, and the user clicks on will cause the session to be
lost. And as a result, there is no magic switch that Tomcat or any filter
has that I can turn on to have this automatically done. This is really what
I want to know, that there is no magic switch that I am missing on.
The problem is that I have thousands of links in my pages, and now I have to
go in and change each one of them so that they do URL rewriting in case the
user's doesn't allow cookies.
Am I correct in assuming that there is no magic switch in Tomcat or anywhere
to have url rewriting done for me?
By the way, I know that I can write a servlet filter that would parse the
response being sent to the user and do URL rewriting for any link in the
response, but I think that is considered a bad practice since then every
link will have the jsessionid with it. Suppose I am linking to
www.yahoo.com which is outside my application, then the jsessionid will be
associated with that link as well which someone had mentioned it is not a
safe practice.
Thanks,
Kasra
----- Original Message -----
From: "Bill Barker" <[EMAIL PROTECTED]>
To: <users@tomcat.apache.org>
Sent: Wednesday, January 03, 2007 11:51 PM
Subject: Re: URL rewriting For Session Tracking
Usually you would use a tag lib for this sort of thing. With struts, it
would look something like:
<html:a href="second.jsp">second page </html:a>
<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Your reply answered another question that I had. But I think I still
haven't described my current question clearly. suppose I have 3 JSP
pages in my application.
--
first.jsp
second.jsp
third.jsp
--
Now, in my first.jsp, I have nothing but 2 links to the other two JSP
pages. If I want the session to be maintain when use clicks on the links
to go to the other pages, then can first.jsp be the following:
--
<a href="second.jsp">second page</a>
<a href="third.jsp">third page</a>
--
Or, the code in first.jsp must be the following:
--
<a href='<%=response.encodeURL("second.jsp")%>'>second page</a>
<a href='<%=response.encodeURL("second.jsp")'%>>second page</a>
----
Note: If I use the first syntax, then unless Tomcat or some patch or
filter parse the code and add the jsessionid to the link automatically,
then the user will be losing the session when to goes from first.jsp to
the other ones. And that's my question; can I use the first syntax. Or
there is no way but to use the second syntax if I want the session to be
kept.
Thanks,
Kasra
----- Original Message -----
From: "Caldarale, Charles R" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <users@tomcat.apache.org>
Sent: Wednesday, January 03, 2007 9:56 PM
Subject: RE: URL rewriting For Session Tracking
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Subject: Re: URL rewriting For Session Tracking
Basically I have a webapp and I want to have a session
for each user that connects to my server (just the usual
servlet session that is created with jsessionid). Do I
have to wrap every link that I have in my webapp with an
Httpservletresponse.encodeURL()?
No. As I recall, Tomcat will not create a session automatically unless
it's absolutely necessary (e.g., tracking authenticated users) or the
application requests it. I'm not aware of any config parameter that
will force creation of sessions for all clients, but all you should have
to do is put the following somewhere in the request processing path of
each servlet:
request.getSession(true);
This doesn't need to go into your servlet or JSP code - you can write a
simple filter class that does nothing but run the above code to force
the creation of a session if one doesn't already exist. The filter
mapping can go into conf/web.xml so it will apply to all apps deployed
within your Tomcat instance, or in each appropriate webapp's web.xml
file.
Note that per the servlet spec, Tomcat will use cookies not URL
rewriting for session tracking; it will fall back to URL rewriting if
the client refuses cookies. You can also disable use of cookies by
setting cookies="false" in your <Context> elements (or the global
conf/context.xml file).
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
