How can we manage session Object if the cookies is disabled ?. how url encoding is used for this?
Asked
Active
Viewed 4,338 times
5 Answers
5
The servlet container will handle this for you. If you look at the url in the first time you hit your site, it will have used URL re-writing to append a JSESSIONID to the URL.
This is because the first time the server responds to the client it doesn't know if the client supports cookies or not. It has also written a cookie with the session id in, so on the second request it checks for the cookie and if present stops using URL re-writing, if not it carries on.
Nick Holt
- 33,455
- 4
- 52
- 58
1
You have to use encodeRedirectURL in response object, Please refer this blog it will helpful for you.
http://mytechbites.blogspot.com/2009/08/servlet-session-management-when-cookies.html
Selvakumar Ponnusamy
- 5,363
- 7
- 40
- 78
0
HTTP Sessions are the recommended approach. A session identifies the requests that originate from the same browser during the period of conversation. All the servlets can share the same session. The JSESSIONID is generated by the server and can be passed to client through cookies, URL re-writing (if cookies are turned off) or built-in SSL mechanism. Care should be taken to minimize size of objects stored in session and objects stored in session should be serializable. In a Java servlet the session can be obtained as follows:
HttpSession session = request.getSession(); //returns current session or a new session
Sessions can be timed out (configured in web.xml) or manually invalidated.
Srinivas Balasani
- 31
- 2
0
it adds jSessionId at the end of URL to map request with session you probably need to configure your server for that too
jmj
- 237,923
- 42
- 401
- 438
0
Use HttpServletResponse.encodeURL() to append jsessionid to your URL, but it is considered harmful.
edwardw
- 12,652
- 3
- 40
- 51