Skip to main content

[webtier] Re: No SessionID

1 reply [Last post]
Anonymous

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Jan Luehe

On 01/28/09 11:41, glassfish@javadesktop.org wrote:
> Did a fast read of your links (much stuff).
> So just to see if i understand all correctly:
>
>
> V2.1
> - automatically detection of url rewrite or cookie is not possible anymore
>
Yes. If you look at

https://glassfish.dev.java.net/issues/show_bug.cgi?id=3972

("HttpServletResponse.encodeURL() unconditionally appends jsessionid if session
is newly created")

and the thread referenced by it, you'll notice that while this automatic
discovery
was useful in most cases, it caught some people by surprise, when they
were expecting
the jsessionid of a newly created session to be carried only in the
response cookie, but
found that it was also present in the rewritten URL. At the time, there
was no way to
support all the use cases and expectations with a single "enableCookies"
property.

> - only url rewriting or only cookie is possible definend in sun-web.xml
> - have to add enableCookies=false to support all client requests
>
> Not very happy about that, think the automatically detection was an advantage.
> All links, which users bookmark in their clients or webmaster put on their websites will now contain sessionids.
> But have to live with it:)
>
>
> V3
> - automatically switching is possible again
> - therefore its neccessary to remove enableCookies=false setted in V2.1 to get the default behaviour back
>

Yes, you've got it exactly right.

As I mentioned, GlassFish v3 adds more fine-grained control over
enabling or disabling
jsessionid cookies on the one hand and the rewriting of URLs with
jsessionid on the other hand,
by adding support for a property named "enableURLRewriting".
By default, both the "enableCookies" and "enableURLRewriting" properties
are set to "true".
In order to address IT 3972 in GlassFish v3, one would leave
"enableCookies" set to "true",
and set "enableURLRewriting" to "false".

I've already sent Joerg (a fellow GlassFish user of yours) a patch that
backports the new
GlassFish v3 support for "enableURLRewriting" to GlassFish v2.1. My
plan is to backport
this fix to an official patch release of GlassFish v2.1. I will keep you
updated on this effort.
I've reattached the patch to this email, so you and others can try it
out if you want.
Keep in mind that the patch in its current form is unsupported.

Thanks!

Jan

> [Message sent by forum member 'hammoud' (hammoud)]
>
> http://forums.java.net/jive/thread.jspa?messageID=328765
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
> For additional commands, e-mail: users-help@glassfish.dev.java.net
>
>

[att1.html]
[patch.jar]
---------------------------------------------------------------------
To unsubscribe, e-mail: webtier-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: webtier-help@glassfish.dev.java.net