> From: removeps-gro...@yahoo.com [mailto:removeps-gro...@yahoo.com] > Subject: RE: Server returned HTTP response code: 408 for URL: > https...j_security_check > > How does the client get the JSESSIONID?
It's normally sent as a cookie; if the client has disabled cookies, the login page servlet or JSP should call Response.encodeURL() to get it added to the URL as a parameter. > When the server generates the login page does it have > to call response.addCookie? I think Tomcat does that automatically, but I'm not positive. Look at the doc for the cookies attribute of the <Context> parameter: http://tomcat.apache.org/tomcat-6.0-doc/config/context.html > From where should the servlet get the session id? It doesn't have to, Tomcat handles it automatically for form login. The servlet or JSP can use the HTTPSession.getId() to retrieve it if desired. > How does the client read the cookie? By parsing the response headers or parameters. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
