支持在Tomcat中没有Cookie的会话 [英] Supporting Sessions Without Cookies in Tomcat

问题描述

我目前正在运行具有以下属性的应用程序：

• 基于Java的Spring和Acegi


• 在Tomcat 5上运行

我需要能够支持用户会话

解决方案

这个问题的完整答案是所有回应的组合，所以我总结一下：

1. 没有必要在context.xml文件中设置cookies =false。理想的功能是为tomcat使用基于url的会话标识，如果用户不支持cookie，则会默认使用。




2. 用户没有启用cookie，tomcat将通过JSESSIONID参数从请求的url中标识会话。几个示例网址如下：
   http：//www.myurl.com; jsessionid = 123456AFGT3
http： /www.myurl.com; jsessionid=123456AFGT3?param1=value&param2=value2
   注意会话id不是url查询字符串的一部分（这是一个j2ee标准） / p>




3. 为了确保jsessionid参数附加到您的所有请求网址，您不能使用纯网址引用。例如，在JSTL中， c：url>。如果有必要，servlet引擎将自动将jsessionid附加到url。这里有一个例子：

   
   
   

   <％ - 这是坏的： - ％>
   < a href =page.html>链接< / a>

   
   
   

   <％ - 这是好的： - ％>
   < a href =< c：url value ='page.html'/>> link< / a>

I am currently running an application with the following properties:

• Java-based with Spring and Acegi
• Running on Tomcat 5

I need the ability to support user sessions without cookies. Could someone please point me in the right direction.

Thank you.

解决方案

The complete answer to this question is a combination of all your responses, so I'm going to summarize:

1. There is no need to set cookies="false" in the context.xml file. The ideal functionality is for tomcat to use it's url-based session identification, which will be used by default if cookies are not supported by the user.

2. When a user doesn't have cookies enabled, tomcat will identify the session by the "JSESSIONID" parameter from the url of the request. A couple sample urls are as follows http://www.myurl.com;jsessionid=123456AFGT3 http://www.myurl.com;jsessionid=123456AFGT3?param1=value&param2=value2 Notice how the session id is not part of the url query string (this is a j2ee standard)

3. In order to ensure the jsessionid parameter gets appended to all your request URLs, you can't have plain url references. For example, in JSTL, you have to use < c:url>. The servlet engine will then automatically append the jsessionid to the url if it is necessary. Here's an example:

   <%--this is bad:--%> < a href="page.html">link< / a>

   <%--this is good:--%> < a href="< c:url value='page.html'/>">link< / a>

这篇关于支持在Tomcat中没有Cookie的会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！