Christopher Schultz wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Nelson, > > Nelson D. guerrero wrote: >>> Are you using cookies or URL-rewriting in order to track sessions? > >> No, the developers are using cookies or URL-rewriting, is this the >> only way that the sessions can replicate between them? > > Assuming that Tomcat is managing your sessions (there aren't too many > good reasons to manage your own sessions), then Tomcat uses either > cookies or URL rewriting to maintain sessions between requests. > > By default, Tomcat attempts to use cookies, but if cookies are not > supported by the client (the browser), then it resorts to URL rewriting. > >> I'm thinking on passing them this piece of code: >> >> ((HttpServletResponse)response).addCookie(new >> Cookie("JSESSIONID",session.getId())); >> >> That will surely help. > > Probably not: Tomcat should do this for you already. > > Usually, sessions get lost because Tomcat has had to resort to URL > rewriting, but the application has not been written with this in mind. > For instance, every single URL that you generate ought to go through > request.encodeURL to make sure that the session id is properly added if > necessary. If you don't do this, then you'll end up creating a new > session when you use that (session-less) link.
Are you testing manually or using something automated? > - -chris > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFGCtdd9CaO5/Lv0PARAmbxAKCqWzIxQKLz38z0xIVXXFpE2cWBLwCeLqaU > ezD9gy8vmCGlyoyfWAk5bE8= > =DfrI > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
smime.p7s
Description: S/MIME Cryptographic Signature