[jetty-users] jsessionid in url (and not ip checking)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[jetty-users] jsessionid in url (and not ip checking)

Davide

Hi,

for some ajax actions I need to put the jsessionid in the url (remember
for example problem of cookies in iframe in ie)

I create a xmlhttprequest url like this:

http://davide-xubuntu1110beta2:8888/AjaxServlet;jsessionid=1a52myyzt9p2r1bnc4ylc8xyl1?ctx=weatherwidget1&actionid=0

But it look like the parameter ;jsessionid is ignored. A new session is
created.

I use an embedded jetty and checking the session manager look that url
are enabled.

       WebAppContext context = new WebAppContext();
       
//context.getSessionHandler().getSessionManager().setCheckingRemoteSessionIdEncoding(true);
       Set<SessionTrackingMode> tm =
context.getSessionHandler().getSessionManager().getDefaultSessionTrackingModes();

       for (SessionTrackingMode stm: tm)
       {
          System.out.println(stm.name());
       }
       System.out.println(
context.getSessionHandler().getSessionManager().isUsingURLs());


Return:

COOKIE
URL
true


Any help to make it work?

A second question. If url jsessionid will work, is possible to disable
the ip checking (if any) to allow requests
from different clients? I know that is a security issue, but i need it
only in the development environment.

Thanks in advance for help!



_______________________________________________
jetty-users mailing list
[hidden email]
https://dev.eclipse.org/mailman/listinfo/jetty-users
Reply | Threaded
Open this post in threaded view
|

Re: [jetty-users] jsessionid in url (and not ip checking)

Greg Wilkins-3

Hmmm that all looks OK.

I will test that behaviour with the test-jetty-webapp and get back shortly.


_______________________________________________
jetty-users mailing list
[hidden email]
https://dev.eclipse.org/mailman/listinfo/jetty-users