• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Session management

 
Sandeep Chhabra
Ranch Hand
Posts: 340
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If an HTML page of a web application has a hyperlink(to a servlet) with the following URL, which of the mechanisms would have been used for session management?

http://www.myserver.com/myservlet/index.html?jsessionid=123

A Rewritten URLs
B Cookies
C Http Redirect
D None of the above

I got this question in a mock exam.
I feel the answer should be D, but it says answer is A.

Can anyone please confirm.
 
Gaurav Gambhir
Ranch Hand
Posts: 256
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If the client won�t take cookies use URL rewriting , URL rewriting takes the session ID onto end of every URL

Since in URL http://www.myserver.com/myservlet/index.html?jsessionid=123
sessionid is appended to end of URL so is the reason option A is right.

Regards
Gaurav
 
wise owen
Ranch Hand
Posts: 2023
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
[ UD: removed links to copyrighted material ]
[ August 03, 2007: Message edited by: Ulf Dittmer ]
 
Sandeep Chhabra
Ranch Hand
Posts: 340
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I know about URL Rewriting, But what my concern is that the URL given is

http://www.myserver.com/myservlet/index.html?jsessionid=123

where I think if URL Rewriting would have been implemented, then the URL should be:

http://www.myserver.com/myservlet/index.html;jsessionid=123

Kindly clarify.
[ May 19, 2006: Message edited by: Sandeep Chhabra ]
 
Bryan Basham
author
Ranch Hand
Posts: 199
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sandeep is correct. URL-rewriting must occur before the query string which starts at the '?' character. The stem of the question is either in error [the URL pattern should have used a ';' character as Sandeep notes] or option D should be the only valid option. I suspect the question author just wasn't very careful and got the syntax wrong.

Cheers,
Bryan
 
Sandeep Chhabra
Ranch Hand
Posts: 340
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your HttpServletResponse Bryan

This question was really bothring me.
Even I feel the question is incorrect.

anyways thanks again for your wonderful book as well.


[ May 19, 2006: Message edited by: Sandeep Chhabra ]
 
Reshma Shanbhag
Ranch Hand
Posts: 208
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am confused after reading this post, may be i am not getting the actual sense of this.


Sandeep is correct. URL-rewriting must occur before the query string which starts at the '?' character.



To my understanding and as per HFSJ, URL rewriting takes the session ID and sticks it right onto the end of every URL. The example provided in the above post are not inline with this as the jsessionid is appended to start of the URL.


Also mentioned is that URL rewriting is handeled in a vendor specific way, tomcat uses ';' to append the extra info into the URL. Is tomact considered standard for the exam??


For E.x if had to pass a request parameter named ID, the encoded URL would be this ???

http://www.xyz.com/BeerTest.do?ID=1234;jsessionid=0ET654965

OR

;[jsessionid=0ET654965]http://www.xyz.com/BeerTest.do?ID=1234


Reshma
 
Sandeep Chhabra
Ranch Hand
Posts: 340
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Reshma,

I think to a great extent you are right....and even i was confused regarding this matter.

Also mentioned is that URL rewriting is handeled in a vendor specific way, tomcat uses ';' to append the extra info into the URL


You are right, but '?' is used to append query string to the URL whatever may the web server be. So this confirms that atleast you cannot use '?' to append jsessionid because it is not a query string, infact it is a mechanism for session management or we can call it as extra info.

So if URL has been encoded and also you have passed some parameters in query string then the url should look something like this:

http://www.xyz.com/BeerTest.do;jsessionid=0ET654965?ID=1234&Name=someName

Upto my understanding, I can conclude that extra info can be separated from the URL by any character specific to vendor excluding '?', because this character denotes the query string where in we pass request parameters to a resource.

Hopefully I am right.
 
Reshma Shanbhag
Ranch Hand
Posts: 208
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sandeep,

you are right ... '?' is only used for query string thats the J2EE standard, using delimiter for jsessionid is vendor specific should be other than '?'.

Also thanks for clearing my doubts on url encoding, some how i had an understanding that jsessionid is appended after the query string.

Thanks Again,
Reshma
 
levani dvalishvili
Ranch Hand
Posts: 99
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jsession ID has to go before ? otherwise there are possible compications if for example last parameter ends with ";"
here I just did test on my application, turned off cookies support and here what I got using tomcat 5

[ May 19, 2006: Message edited by: levani dvalishvili ]
 
Reshma Shanbhag
Ranch Hand
Posts: 208
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
levani, that is what i meant in the post. Query string is appended after the jsession ID.


Hope that its clear now.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic