Rashmi Rubdi wrote:
So since bots are HTTP/1.1 capable that might explain why I don't see
jsessionid appended to the jsp pages in the access logs.
...and the cookie is only recorded when the client sends it, not when
the server sets it, so it doesn't appear in the log.
-Rashmi
----- Original Message ----
From: Pid <[EMAIL PROTECTED]>
To: Tomcat Users List <users@tomcat.apache.org>
Sent: Friday, February 9, 2007 7:10:49 AM
Subject: Re: [OT]Re: Large number of active sessions
Rashmi Rubdi wrote:
I'm sorry that I didn't express myself in a clear manner. I was simply saying that the jsessionid doesn't appear when bots access pages that have sessions in them (in my case), but I'm not concerned with it as it doesn't affect anything.
I worked it out after i'd had a coffee, I was just being dense. :)
I think the only way to be sure what's going on would be to monitor
what's being set in the response headers for bots. If there's a
'Set-Cookie' header it would explain why there's no redirect & URL encoding.
Whether the bot then sends the cookie back to maintain the session is a
different matter of course...
rgds,
p
-Regards
Rashmi
----- Original Message ----
From: Pid <[EMAIL PROTECTED]>
To: Tomcat Users List <users@tomcat.apache.org>
Sent: Thursday, February 8, 2007 8:46:22 AM
Subject: Re: [OT]Re: Large number of active sessions
Rashmi Rubdi wrote:
I agree that many have experienced the jsessionid on URLs accessed by bots,
perhaps it happens in a Struts environment or some other environment.
In certain set-ups (only JSPs, no servlets, no MVC - session is removed and
created freshly on each JSP page) the jsessionid doesn't appear on URLs
accessed by bots like Googlebot even when the JSP page uses sessions, and that
confuses me. I've verified the absense of jsession id in the URLs accessed by
Googlebot in the server logs.
This inconsistent appearance of jsessionid for certain set-ups doesn't bother
me, it's just a matter of curiosity.
hi rashmi,
i'm not sure what you're saying; are you asking a question?
-Rashmi
----- Original Message ----
From: Pid [EMAIL PROTECTED]
Some bots also use sessions.
I disagree, the bot has no capability to decide to use a session.
A bot would only appear to use a session if it was HTTP/1.1 capable, and
was handling cookies or encoded URLs properly.
Most bots get pages asynchronously, I've observed Googlebot hitting url
encoded pages with jsessionids generated days beforehand, during a
previous index run. This will trigger a new session as a result, but
may account for apparently older creation dates appearing the list of
active/recent session.
(A guess: I don't know enough about the internals of Tomcat to be sure
of that.)
p
____________________________________________________________________________________
No need to miss a message. Get email on-the-go
with Yahoo! Mail for Mobile. Get started.
http://mobile.yahoo.com/mail
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
