"Klemme, Robert, myview" wrote:
> hi there!
>
> the original e-mail of craig dates some months back.
>
> > When a session is first created, Tomcat has no way to know whether
> > session cookies are supported by the browser. Therefore, to be safe, it
> > sends the session ID both ways (by cookie and by modifying URLs that you
> > submit to response.encodeURL calls). On subsequent requests that are
> > part of this session, Tomcat will notice that it received the session ID
> > via a cookie, so it will stop doing the rewriting.
>
> i wonder whether anything has changed here, especially whether there is a
> configuration option (possibly in server.xml) that switches cookies for
> session tracking of.
>
Yes ... answer depends on version.
Tomcat 3.2: Search in "conf/server.xml" for the string "noCookies" and set the
corresponding attribute to "true". This is global to the entire JVM, and
therefore all webapps.
Tomcat 4.0: You can make a choice of cookies versus not for each webapp
individually (default is to use cookies if they are supported). To turn them
off, create a context entry like this:
<Context path="/foo" docBase="foo" cookies="false" ... />
>
> thanks a lot
>
> robert
>
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
