Originally posted by Merrill Higginson:
The way that encodeURL is handled is dependent on your application server. It is only used if the App server is configured to use URL rewriting to keep track of sessions. Otherwise, it is ignored. The most common way to keep track of session is with cookies. The application server puts a cookie on the user's browser and retrieves it every time a request is made. It uses that cookie to associate the user with a session.
The trouble with cookies, however, is that they can be turned off by individual users, making it impossible to track the sesion. So, if you want to be sure to track sessions even for users who don't accept cookies, configure your app server to use url Rewriting. With url rewriting, every time you call encodeURL, the app server will append a session ID as a parameter to any link. It will then look for that session id when the user communicates with the server.
I hope this answers your question.
Thanks Merill, but I was not concerned about "how encodeURL" works. I was curious about "Under what condition will the struts use encodeURL 'automatically' ?"
You said, "encodeURL is performed by struts automatically".
1. If we do NOT use session anywhere in our Action code, and in struts-config.xml every "scope" is set as "request". Then will "encodeURL" be applied automatically as well ? I doubt.
2. If I set "scope=request", but in Action class I use session myself (of course, server 'creates' for me). will encodeURL be applied by struts automatically ?
3. if I set "scope=session" in struts-config.xml, then I am sure encodeURL will be applied because struts-config.xml is the file it reads.
My point is there must be a way to "tell" struts that you are using "session" so that it can apply "encodeURL" for you. Right ?
By the way, I added a encodeURL to the <html:form action=".."> and it still works, so it doesn't hurt though it may be unnecessary.