-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jorge,
On 2/17/2009 3:57 PM, Jorge Medina wrote: > My confusion came from the fact that through the HttpSession object, > you can access the cookies with methods that names then Attributes > (getAttribute/setAttribute). It was unclear -to me- that it is the same > stuff as a "cookie". No, the JSESSIONID cookie contains only the session identifier. The HttpSession object lives on the server (only) and contains any number of attributes. These attributes are not related to the cookie in any way other than the cookie identifies the HttpSession object which holds them. HttpSessions can be tracked using techniques other than cookies. URL rewriting is a second standard way to communicate session ids when cookies are unavailable and/or unwanted. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmcbdoACgkQ9CaO5/Lv0PDQfwCeOnxeHlJprpDcqZeaH7wWqVqY M+sAn0NrF+Ry2gJV2VDdpOsrtc8/9XX4 =wlvi -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
