David -

        Thanks for the clear, concise answer.

Garey Mills
Library Systems Office
UC Berkeley

The brain is not where you think

On Wed, 21 Jun 2006, David Smith wrote:

> On first response, Tomcat both set's a cookie JSESSIONID and appends the 
> same to the page links (when properly coded). If the cookie comes back 
> on the next request, url rewriting is dropped in favor of the cookie. No 
> magic, tomcat just covers all it's bases up front.
> 
> See HttpServletResponse.encodeURL(String) in the servlet spec for more info.
> 
> -- David
> 
> Garey Mills wrote:
> > David -
> >
> >     Tomcat uses cookies to establish a session with the browser. If it
> > can't use cookies, it uses URL rewriting. So whenever someone uses my app,
> > Tomcat tries to set a cookie. 
> >
> >     If it was the case that Tomcat didn't know whether the browser
> > accepted cookies until after it tried to set one at the first access,
> > users of browsers that did not accept cookies would not have a session
> > that recorded their first access. I don't think that would be considered
> > acceptable, so I assume that Tomcat knows, before my app is reached,
> > whether the browser accepts cookies. But is my assumption correct, I don't
> > know. That is what I am asking.
> >
> >
> >     
> >
> > Garey Mills
> > Library Systems Office
> > UC Berkeley
> >
> > The brain is not where you think
> >
> > On Wed, 21 Jun 2006, David Kerber wrote:
> >
> >   
> >> Why would it try until your app tells it to?  AFAIK (admittedly, not 
> >> very far; I don't use cookies)  think it needs to be handled by your app.
> >>
> >>
> >> Garey Mills wrote:
> >>
> >>     
> >>> David -
> >>>
> >>>   Well, okay then, but how can my app find out what Tomcat knows
> >>> about whether the browser accepts cookies or not? And when does Tomcat
> >>> try? Before control is passed to my app?
> >>>
> >>> Garey Mills
> >>> Library Systems Office
> >>> UC Berkeley
> >>>
> >>> The brain is not where you think
> >>>
> >>> On Wed, 21 Jun 2006, David Kerber wrote:
> >>>
> >>>  
> >>>
> >>>       
> >>>> I think what he's getting at is that Tomcat (or any other web server) 
> >>>> cannot tell how a browser is set wrt cookies without trying to set one 
> >>>> and then seeing if it's there.
> >>>>
> >>>> Garey Mills wrote:
> >>>>
> >>>>    
> >>>>
> >>>>         
> >>>>> Martin -
> >>>>>
> >>>>>         I guess I'm being obtuse, but WHAT won't work? What I want to 
> >>>>> know
> >>>>> is how Tomcat detects whether the browser accepts cookies, that is,
> >>>>> whether it is set to accept cookies or not?
> >>>>>
> >>>>> Garey Mills
> >>>>> Library Systems Office
> >>>>> UC Berkeley
> >>>>>
> >>>>> The brain is not where you think
> >>>>>
> >>>>> On Wed, 21 Jun 2006, Martin Gainty wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>      
> >>>>>
> >>>>>           
> >>>>>> Garey-
> >>>>>>
> >>>>>> Unfortunately that wont work if your Browser disallows cookies
> >>>>>> If its IE 
> >>>>>> Check out the IE options-
> >>>>>>
> >>>>>> Tools
> >>>>>> Internet Options
> >>>>>> Privacy
> >>>>>> Advanced
> >>>>>> look at "switched on Always allow Session Cookies"
> >>>>>>
> >>>>>> HTH,
> >>>>>>
> >>>>>> Martin --
> >>>>>> *********************************************************************
> >>>>>> This email message and any files transmitted with it contain 
> >>>>>> confidential
> >>>>>> information intended only for the person(s) to whom this email message 
> >>>>>> is
> >>>>>> addressed.  If you have received this email message in error, please 
> >>>>>> notify
> >>>>>> the sender immediately by telephone or email and destroy the original
> >>>>>> message without making a copy.  Thank you.
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> ----- Original Message ----- 
> >>>>>> From: "Garey Mills" <[EMAIL PROTECTED]>
> >>>>>> To: "Tomcat Users List" <users@tomcat.apache.org>
> >>>>>> Sent: Wednesday, June 21, 2006 12:50 PM
> >>>>>> Subject: Re: How does Tomcat detect whether a browser accepts cookies
> >>>>>>
> >>>>>>
> >>>>>>   
> >>>>>>
> >>>>>>        
> >>>>>>
> >>>>>>             
> >>>>>>> Leon -
> >>>>>>>
> >>>>>>> Thank you for your response, but I don't understand it. I have a
> >>>>>>> key question: 
> >>>>>>>
> >>>>>>> how does Tomcat detect that a browser does not accept cookies?
> >>>>>>>
> >>>>>>>
> >>>>>>> There are a number of different ways to detect it inside my
> >>>>>>> application, but all of them seem to need a roundtrip to the browser. 
> >>>>>>> If,
> >>>>>>> as I suspect, Tomcat can tell without the redirect, I would like to 
> >>>>>>> use
> >>>>>>> Tomcat's knowledge. If Tomcat uses a roundtrip, I would still like to 
> >>>>>>> use
> >>>>>>> Tomcat's knowledge, so that I don't have to duplicate the work inside 
> >>>>>>> my
> >>>>>>> app.
> >>>>>>>
> >>>>>>> Garey Mills
> >>>>>>> Library Systems Office
> >>>>>>> UC Berkeley
> >>>>>>>
> >>>>>>> The brain is not where you think
> >>>>>>>
> >>>>>>> On Wed, 21 Jun 2006, Leon Rosenberg wrote:
> >>>>>>>
> >>>>>>>     
> >>>>>>>
> >>>>>>>          
> >>>>>>>
> >>>>>>>               
> >>>>>>>> You could check for your cookie in first request and if not present
> >>>>>>>> just set the cookie in the  request and redirect to another page 
> >>>>>>>> which
> >>>>>>>> reads  the cookie (btw, it can also be done with javascript without
> >>>>>>>> user-visible-reload). The difference to your approach that each user
> >>>>>>>> will be redirected exactly once, since you are checking for your
> >>>>>>>> cookie in first request and it should remain persistent for next
> >>>>>>>> visits.
> >>>>>>>>
> >>>>>>>> regards
> >>>>>>>> Leon
> >>>>>>>>
> >>>>>>>> On 6/21/06, Garey Mills <[EMAIL PROTECTED]> wrote:
> >>>>>>>>       
> >>>>>>>>
> >>>>>>>>            
> >>>>>>>>
> >>>>>>>>                 
> >>>>>>>>> Hi -
> >>>>>>>>>
> >>>>>>>>>       I have an application that does not work correctly when the
> >>>>>>>>> browser does not accept cookies. I added some code that rewrites 
> >>>>>>>>> the query
> >>>>>>>>> string the first time the app is entered to include a new parameter 
> >>>>>>>>> and
> >>>>>>>>> then redirects to the app. I watch for that parameter and if I find 
> >>>>>>>>> it I
> >>>>>>>>> check whether the session id is from a cookie. If it isn't I put up 
> >>>>>>>>> a
> >>>>>>>>> "Sorry, you need cookies message" and exit.
> >>>>>>>>>
> >>>>>>>>>       This solution is not optimal, since I am seeing a blank page 
> >>>>>>>>> the
> >>>>>>>>> first time I try to get into the application.
> >>>>>>>>>
> >>>>>>>>>       So my question is: Tomcat must ascertain whether the browser
> >>>>>>>>> accepts cookies in order to decide whether to use cookies or URL
> >>>>>>>>> rewriting. How does it do it? and can I check Tomcat to find out, 
> >>>>>>>>> too?
> >>>>>>>>>
> >>>>>>>>> Garey Mills
> >>>>>>>>> Library Systems Office
> >>>>>>>>> UC Berkeley
> >>>>>>>>>
> >>>>>>>>> The brain is not where you think
> >>>>>>>>>              
> >>>>>>>>>
> >>>>>>>>>                   
> >>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >>     
> >
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >   
> 
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to