Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

URL rewriting?

 
Ranch Hand
Posts: 3851
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


I hope the above code is right example of keeping track of sessions if cookies are enabled at client...

I am not clear with URL rewriting, how we use it?

Could any body please give little code, how to use it??

Thanks a lot.
[ December 05, 2005: Message edited by: rathi ji ]
 
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HttpSession by default attempts to store the session in Cookies. So if cookies are disabled you need to use URL rewritting. For this you have two methods in HttpServletResponse. encodeURL and encodeRedirectURL. It will append the jsessionid paramater to your URL. If no encoding is needed it will return the URL unchanged.

you can use it like respons.sendRedirect(response.encodeRedirectURL("myrurl"));
 
ankur rathi
Ranch Hand
Posts: 3851
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Albin Joseph:
HttpSession by default attempts to store the session in Cookies. So if cookies are disabled you need to use URL rewritting. For this you have two methods in HttpServletResponse. encodeURL and encodeRedirectURL. It will append the jsessionid paramater to your URL. If no encoding is needed it will return the URL unchanged.

you can use it like respons.sendRedirect(response.encodeRedirectURL("myrurl"));



Yes, but when to use this code, where??

Thanks.
 
Ranch Hand
Posts: 489
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


Yes, but when to use this code, where??



Anywhere your servlet/jsp generates a link in the response html and you are not sure about the browser cookie handling capabilities.

ram.
 
ankur rathi
Ranch Hand
Posts: 3851
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by ramprasad madathil:


Anywhere your servlet/jsp generates a link in the response html



But when we generate link in response??, we either write HTML in response or forward request and response to other servlet...

Please comments.
Thanks.


[ December 05, 2005: Message edited by: rathi ji ]
 
ramprasad madathil
Ranch Hand
Posts: 489
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
>we either write HTML

You always write html in response and that html may contain href elements. See below.




Now the link above, should/can be rewritten in the jsp







ram.

[ December 06, 2005: Message edited by: ramprasad madathil ]
[ December 06, 2005: Message edited by: ramprasad madathil ]
 
ankur rathi
Ranch Hand
Posts: 3851
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Ram,

It is clear but suppose there is no need to write URL in response then how do we call response.encodeURL() method or how do we tell the container that use URL rewriting if cookies fail...

Thanks.
 
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


suppose there is no need to write URL in response then how do we call response.encodeURL() method




Thats where the trick is. Unlike the getSession() method which does all the work of sending the sessionID to browser and receiving the sessionID from the request, In URL Rewriting it's your responsibility to send the sessionID to user. How to do this?

In URL Rewriting the sessionID will not come to your servlet code automatically like sessions. There has to be a link that contains the sessionID stuffed at the end of the URL as explained by the code given by ram. So that when the user clicks the link the sessionID comes as part of the request and the server can identify the sessionID and continue the session.

Note: SessionID are automatically generated and stuffed at the end of the URL by the container
 
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Albin Joseph:
HttpSession by default attempts to store the session in Cookies. So if cookies are disabled you need to use URL rewritting. For this you have two methods in HttpServletResponse. encodeURL and encodeRedirectURL. It will append the jsessionid paramater to your URL. If no encoding is needed it will return the URL unchanged.

you can use it like respons.sendRedirect(response.encodeRedirectURL("myrurl"));



Exactly... but again you need to encode each and every URL of your page. Otherwise this technique wont work.
 
ramprasad madathil
Ranch Hand
Posts: 489
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Rahim has it right.
You have to understand that rewriting your url doesnt ensure that the session id is appended to the url.

Here's the javadoc for encodeURL() method

--------------------------
Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary.
---------------------------

What this means is that even if you rewrite your url, the container would be 'smart' enough to use it on a 'in need' basis - if the container detects that the browser doesnt support cookies, it appends the session id to the url provided you have rewritten it . If the browser does accept cookies, the session id wouldnt be used even if you have passed your url string through the encodeURL() method.

Ofcourse, since you have no prior knowledge of the client browser settings, especially in internet applications, its considered good practise to encode all your urls.

This is exactly what the doc says too - see below

---------------------------------
For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.
---------------------------------

cheers,
ram.
 
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I use cookies and URL rewritte when I cannot put cookies.

I use an session attribute for the action of the post. I put this session attributte in the JSP.

I calculate the session attributte when the user log and put in session.

some code
 
WHAT is your favorite color? Blue, no yellow, ahhhhhhh! Tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic