• Post Reply Bookmark Topic Watch Topic
  • New Topic

question regarding maintaining session

 
anagha patankar
Ranch Hand
Posts: 53
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Ranchers ,
I am trying out a simple application to test my understanding /concepts of servlets.

My application is :

A Login screen
After Login screen a page with a link
when user clicks on link - user is taken to second screen
Second screen has two links : previous and next
In addition second screen has a text area and a submit Button


I tried using HttpSession to do session management - it worked fine .
When I login - validate and store the user object on session .

On all subsequent requests - check if the user is present in session .
If not present in session throw the user out - back to login screen
If user object found in session allow user to go ahead.

Now disabled any cookies to be set .
As a result - I am able to login and reach the first screen with the links .
Post login >> clicked on the URL - I am being thrown out of the application .

This piece is understood - since cookies have been disabled ( sessionCookie = jsessionid ..... perhaps )

To remedy this problem - used response.encodeUrl()

Now the URLS work fine

However when I submit the form ( POST ) I am losing the sesison again .

So question is - when you disable cookies - and you have URL's in app - use encodeUrl - but what about the form that opens up after you click on the URL - and submit the form ?

Do you need to store the sessionid in some hidden variable ?
Is the sessionid communicated to the server on its own ?

- so what should be done to remedy this problem ?

Any help would be appreciated .

Thanks ,
-anagha
[ January 25, 2008: Message edited by: anagha patankar ]
 
Abhinav Srivastava
Ranch Hand
Posts: 354
Eclipse IDE Java Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes. you must submit a parameter named "jsessionid" and its value to the server if you want to track the session. it can be done thru url rewriting or thru hidden fields.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Did you use encodeUrl on the form's action attribute?
 
anagha patankar
Ranch Hand
Posts: 53
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the replies .

No didnt use the encodeUrl on the forms action attribute .
Ben - is that possible t use encodeUrl for a form's action attribute ?

Remember reading somehwere that trying to store the jsessionid manually ( hidden variables ) should not be done .

Could you please point me to an example regarding the encodeUrl for a form's action attribute .

Thanks for your help .

-anagha
 
Abhinav Srivastava
Ranch Hand
Posts: 354
Eclipse IDE Java Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
the same way you encode any other url on the page. action is also a url.
in its most basic form it could be something like this-
 
anagha patankar
Ranch Hand
Posts: 53
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Ben and Abhinav for your help .
Regards,
-anagha
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!