This servlet demonstrates how WebLogic deals with session-related information when cookies are unavailable or disabled in your client's browser. This is commonly referred to as "URL rewriting," because instead of tracking the session ID in a cookie, WebLogic appends the session ID at the end of the URL. NOTE
To use this servlet to show how WebLogic rewrites URLs, you'll need to set up both WebLogic and your browser.
Make sure that these properties are set as shown in your weblogic.properties file, and then restart the WebLogic Server:
weblogic.httpd.session.enable=true | (Current setting: <%= getProp("weblogic.httpd.session.enable") %>) |
weblogic.httpd.session.URLRewriting.enable=true | (Current setting: <%= getProp("weblogic.httpd.session.URLRewriting.enable") %>) |
weblogic.httpd.session.cookies.enable=true | (Current setting: <%= getProp("weblogic.httpd.session.cookies.enable") %>) |
You must also disable cookies in your browser:
To see how it works, try setting some session name/value pairs with cookies disabled. Session data will still be stored on the server but the session ID will be passed to the server by rewritten as arguments appended to the URL.
Note: You'll also need to encode the FORM ACTION URL.
<%@ page import=" weblogic.common.T3Services " %> <%! HttpSession session; %> <% session = request.getSession(true); if (session == null) { out.print("\nSession is null!
");
}
if(session != null){
String url = "http://" + request.getRemoteAddr() + ":"
+ request.getServerPort() + request.getRequestURI();
out.print("The normal non-encoded URL is:
" + url +"
");
url = response.encodeURL(url);
out.print("The encoded URL is :
" + url + "
"); } if (request.getParameter("AddValue") != null) { session.putValue("SessionServlet." + request.getParameter("NameField"), request.getParameter("ValueField")); } else if (request.getParameter("DeleteValue") != null) { session.removeValue("SessionServlet." + request.getParameter("NameField")); } %>
Session : <%= session.getId() %> |
|
---|---|
Name | Value |
<%= sessionNames[index] %> | <%= session.getValue(sessionNames[index]) %> |
For the very first request to a servlet that involves a brand new HttpSession, the call to response.encodeURL(url) will always return an encoded URL. This is because on the first request there is no Session ID to be found in either the Cookie or the URL. There is no way to know if the browser has cookies turned off. The course of action is:
If a cookie doesn't come back because cookies are disabled, then the URL will contine to be encoded with Session ID.
Copyright © 1999-2000 by BEA Systems, Inc. All Rights Reserved.