Supporting Sessions Without Cookies in Tomcat

java session tomcat cookies

2,458

Solution 1

The complete answer to this question is a combination of all your responses, so I'm going to summarize:

There is no need to set cookies="false" in the context.xml file. The ideal functionality is for tomcat to use it's url-based session identification, which will be used by default if cookies are not supported by the user.
When a user doesn't have cookies enabled, tomcat will identify the session by the "JSESSIONID" parameter from the url of the request. A couple sample urls are as follows http://www.myurl.com;jsessionid=123456AFGT3 http://www.myurl.com;jsessionid=123456AFGT3?param1=value&param2=value2 Notice how the session id is not part of the url query string (this is a j2ee standard)
In order to ensure the jsessionid parameter gets appended to all your request URLs, you can't have plain url references. For example, in JSTL, you have to use < c:url>. The servlet engine will then automatically append the jsessionid to the url if it is necessary. Here's an example:

<%--this is bad:--%> < a href="page.html">link< / a>

<%--this is good:--%> < a href="< c:url value='page.html'/>">link< / a>

Solution 2

See http://tomcat.apache.org/tomcat-5.5-doc/config/context.html.

In a file META-INF/context.xml,

<?xml version='1.0' encoding='UTF-8'?>
<Context path='/myApplicationContext' cookies='false'>
  <!-- other settings -->
</Context>

2,458

Author by

Ashen Kapica

Updated on August 03, 2022

Comments

Ashen Kapica almost 2 years
I dont know what to do, im new to whole coding and the project im working on is going quite well, tried adding more commands and this problem jumps to the first private part here. If needed i can send the rest of the code
```
RegisterYNCommand();
{


}

private void RegisterYNCommand();
{
    {
        Commands.CreateCommand("YN")
            .Do(async (e) => 
            {
                int yesnoIndex = rand.Next(randomTexts.Length);
                string memeToPost = yesno[yesnoIndex];
                await e.Channel.SendMessage(memeToPost);
            });
```
- Jon Skeet about 7 years
  
  Your method declarations have ; before the body - that's incorrect.
- Pikoh about 7 years
  
  I suspect there are other wrong things in the code. The RegisterYNCommand(); call is inside a method? and RegisterYNCommand() declaration is also inside the same method?
Zakir Hemraj over 15 years

This seems to append JSESSIONID to the url on the first request to the application. But, how do I ensure that it gets appended to subsequent requests?
abeauchamp about 8 years

I'd recommend never tracking by IP address because of VPNs. This answer is old, so I won't downvote but I strongly advise against this for future answer lookers.
maximus almost 8 years

What is the way to do it if i'm using the ajax calls? (not href links)
Ashen Kapica about 7 years

I already tried that, still doesn't work
Andrey Korneyev about 7 years

Then you have to provide more details. Edit your question and provide text of error compiler gives you as well as appropriate lines of code concerning these errors.
Cleptus about 7 years

You missed the problematic double declaration of the method, although pointed in the main problem, there were 2 problems.