• Post Reply Bookmark Topic Watch Topic
  • New Topic

session & cookie

 
Andrea Giovannini
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I've the following situation:
1) the browser requests a JSP page for the first time
2) the JSP sets some session variables and then makes an HTTP request to the same webapp,
URLConnection connection = url.openConnection();
...
connection.setRequestProperty("Cookie", cookie);
where cookie is something like "JSESSIONID=" + session.getId()
3) the request made by the JSP "should" be handled in the same session.
This is true for Tomcat 4.X but it doesn't work for WebSphere 5.0
I think that my code is OK.
Any idea??
Thanks in advance,
Andrea
 
Borislav Iordanov
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Andrea,
Not quite sure about WebSphere, but it may be that it is set to only track sessions through URL rewriting.
Best,
Boris
 
Jessica Sant
Sheriff
Posts: 4313
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You shouldn't be adding the cookie yourself. Use HttpServletResponse.encodeURL(String) -- it will add JSESSIONID to the URL if necessary (like if cookies are turned off) -- otherwise -- the appserver will take care of adding the JSESSIONID cookie for you.
By explicitly setting the cookie -- you might be goofing up some random proprietary thing that Weblogic does and thus its unable to figure out that you're still in the same session.
 
Andrea Giovannini
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Jessica Sant:
You shouldn't be adding the cookie yourself. Use HttpServletResponse.encodeURL(String) -- ...

The problem is that the cookie is not set in the browser yet because this is the very first request!! Otherwise we could use something like:
connection.setRequestProperty("Cookie",request.getHeader("cookie"));
Any other suggestion?? Please ...
Thanks in advance!!
 
Jessica Sant
Sheriff
Posts: 4313
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I must not be following you correctly...
On the first request to a page in a web-application, and if its a JSP, as long as you don't have <%@ page session="false" %>, a new session will be created for that user (basically equivalent to HttpSession session = request.getSession(true); ). If the user has cookies enabled, one will automatically be placed by your app-server so that on subsequent requests -- the same session is used. You don't have to explicitly do anything with cookies in order to get the session stuff to work.
If cookies are not enabled by the user -- you need to make sure you encode each URL with the above API so that the session information can be tracked that way.
Maybe if you post some code and a discription of what your seeing?
[ March 21, 2003: Message edited by: Jessica Sant ]
 
Andrea Giovannini
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Jessica Sant:
I must not be following you correctly...
...If the user has cookies enabled, one will automatically be placed by your app-server so that on subsequent requests -- the same session is used. You don't have to explicitly do anything with cookies in order to get the session stuff to work....
[ March 21, 2003: Message edited by: Jessica Sant ]

This is true if the request comes from the browser but I have a request from the server itself, i.e.
- the browser asks for a page
- a custom tag in the page needs some info for the rendering phase so it asks for this info to a servlet
This request is made with URLConnection setting the cookie with its method setRequestProperty(), otherwise the servlet has no way to see the same session of the client. I can't see any other way but it doesn't work with WAS5 because of its custom cookie format ...
Bye,
Andrea
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!