Apache, mod_jk and Tomcat looses sessions
- From: "Markus" <mlist (at) dlite.de>
- Date: Mon, 31 Jul 2006 21:39:18 +0200
Christopher Schultz wrote on Monday, July 31, 2006 6:42 PM:
> Markus,
>
>>> I try to create a redirect to a page with a session-id if there is no
>>> session. Seems to be easy, but in combination with apache/mod_jk my
>>> servlet redirects unlimited because it doesn't recognizes the created
>>> session.
>>>
>>> Btw: Cookies are disabled, this is important.
>
> It looks like you are not handling the situation where the user has
> requested a session with an ID but the session does not exist. I don't
> think that Tomcat will create a session for you unless you ask.
> Somewhere, you'll need to actually generate the session id using a call
> to request.getSession(true). Otherwise, the encodeRedirectURL method will
> not have a session id to add.
>
> If the session is mandatory, I recommend changing:
>
> request.getSession(false)
> to
> request.getSession(true)
>
> This will create a session if one does not exist.
>
> The logic in the method to determine if a redirect is necessary seems ...
> overly complex? Maybe a little cleanup would help.
Thanks for your quick answer. The problem I want to solve is only to create
a session if ist really needed, so #redirectToURLWithSID is a little bit
more complicated that this. Your suggestion is already made in line 44,
don't know if you haven't seen it or if I didn't get you.
--
Beste Grüße / best regards Markus Meissner
---------------------------------------------------------------------
To start a new topic, e-mail: users (at) tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe (at) tomcat.apache.org
For additional commands, e-mail: users-help (at) tomcat.apache.org