On 14/08/2009 19:32, Mitch Claborn wrote:
I was able to change the expiration on the cookie with a one line change
to org.apache.catalina.connector.Request and it works like I need it to.
What is the official way to request an enhancement to allow this to be
configurable?
Doesn't HttpSession.setMaxInactiveInterval(bigNumber) achieve this for
you without have to make odd changes to the cookie?
p
mitch
Mitch Claborn wrote:
The answer is: yes, there are times when the response is already
committed, so the valve is not a foolproof solution.
mitch
Mitch Claborn wrote:
I was able to get the cookie permanent with a simple valve, code below.
Question: the new cookie will be ignored if the response has already
been "committed" (isCommitted()). In my brief testing, the new cookie
is being set, so the response must not be committed. Is it possible
that there might be times when the response IS committed when my valve
is invoked, causing the new cookie to be ignored?
public void invoke(Request request, Response response) throws
IOException, ServletException {
getNext().invoke(request, response);
for (Cookie c : response.getCookies()) {
if (Globals.SESSION_COOKIE_NAME.equals(c.getName())) {
Cookie l_new = (Cookie) c.clone();
l_new.setMaxAge(Integer.MAX_VALUE);
response.addCookie(l_new);
}
}
}
Mitch Claborn
972-954-7341
mi...@claborn.net
Len Popp wrote:
It comes up all the time. The solution is typically to use a separate
cookie and *not* tie the persistent data to the browser session, since
the browser session is transient.
--
Len
On Wed, Aug 12, 2009 at 14:54, Mitch Claborn<mi...@claborn.net> wrote:
If I can't find a another way that's what I'll have to do. I would be
surprised that this need doesn't come up more frequently.
Mitch
David Smith wrote:
Your best bet is to assign your own cookie. Then on new session
creation, look for the cookie and repopulate the new session with
shopping cart data.
--David
Mitch Claborn wrote:
My usage is: I store the key to the user's shopping cart in the
session. I'd like the user to be able to come back a few days from now
and still find the items they have placed in their shopping cart. (This
is mostly for anonymous users who don't sign in until checkout.)
Mitch
Martin Gainty wrote:
anyone know if there is a use-case for sessionId surviving end-of-session?
Martin Gainty
______________________________________________
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung.
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung
fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le
destinataire prévu, nous te demandons avec bonté que pour satisfaire informez
l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe
quel effet légalement obligatoire. Étant donné que les email peuvent facilement
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité
pour le contenu fourni.
Date: Wed, 12 Aug 2009 12:43:11 -0500
From: mi...@claborn.net
To: users@tomcat.apache.org
Subject: JSESSIONID cookie permanent?
Is there a way to make the JSESSIONID cookie issued by Tomcat permanent,
or at least significantly longer life than "end of session" ?
Mitch
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
_________________________________________________________________
Get back to school stuff for them and cashback for you.
http://www.bing.com/cashback?form=MSHYCB&publ=WLHMTAG&crea=TEXT_MSHYCB_BackToSchool_Cashback_BTSCashback_1x1
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
