• Post Reply Bookmark Topic Watch Topic
  • New Topic

Session management with cookies disabled client.  RSS feed

 
Jayavardhan geepi
Ranch Hand
Posts: 66
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
This is how i understood session management.(Headfirst servlets and jsps)
While sending response to a first request, container will do set-cookie as well as URL rewriting.
So, when a request comes in, first the container will try to see the cookie info in the header.
If it is present , it will not bother about encodeURL .
Else it goes for encodeURL. But, in any case our code should have encodeURL() for each link it sending to client right?

Please clarify if i misunderstood the concept itself..

Thanks.
 
Abimaran Kugathasan
Ranch Hand
Posts: 2066
Clojure IntelliJ IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Not for the first request, but, when container sees you call request.getSession(), then only container realizes it needs to start a new session with the client. Then only the container sends the response with both a "Set-Cookie" header for the session ID, and the session ID appended to the URLs, if you've done URL rewriting! But for the next request, client checks the header, and if the client accepts the cookie, then it won't go for URL rewriting. If not, then URL rewriting is used,
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
container will do set-cookie as well as URL rewriting.


The container never automatically does URL rewriting, that is up to the programmer. Think about it - in a HTML page full of URLs, how would the container know which URLs to rewrite.

Bill
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!