When the client does not accept cookies, you can use URL rewriting to handle session management. It takes the session ID and sticks it right onto the end of every URL that comes to in to this app. When the user clicks that enhanced link, the request goes to the container with that extra bit at the end, and the container simply strips off extra part of the URL and uses it to find the matching session.
We add the session ID to the end of all URLs in the HTML we send in the respose.
<a href=http://www.bhabani.com/demo.do;jsessionid=0AYU88d7dd89dd8>click me</a>
How client make the request:
The extra info comes stuck to the end of the request URL.
GET/demo.do; jsessionid=0AYU88d7dd89dd8
HTTP/1.1
You can not use “jsessionid” yourself. You should not see a custom “jsessionid” header in request and response. There is no way to get URL rewriting with the static pages. You must use dynamic generated pages.
Now days we are using both techniqs(cookie and URL rewriting) for same webapp because when cookie fails then session will be managed by URL rewriting. If you do not explicitely encode the URLs and the client won’t accept cookies then you can not use session.
You can encode the URL using encodeURL() or encodeRedirectURL()
Publid void doGet(){
Response.setContentType(“text/html”);
Out.println(“<a href=\”www.bhabani.com”+response.encodeURL(“/demo.do”)+ “\”>click me</a>”);
}//above line adds session ID info to the URL.
No comments:
Post a Comment