Edit Edit

Java Servlet FAQ


How does a servlet container keep track of sessions?


The servlet container uses cookies or URL rewriting to keep track of sessions. If cookies are not supported(e.g., the user turns off cookie support in the browser), the container falls back to URL rewriting. The method used for tracking sessions is transparent to the servlet developer. However, in case the container is using URL rewriting, the servlet must call encodeUrl() on any URL that it emits and it must call encodeRedirectUrl() on any URL to which the request is redirected. These functions allow the container to rewrite the URL with the session ID.

For example, if the servlet emits a URL with the following code:

out.println("Visit my <A HREF=\"http://www.keysolutions.com\">home page</A>");

That code must be changed to:

out.println("Visit my <A HREF=\""
            + res.encodeUrl("http://www.keysolutions.com")
            + "\">home page</A>");

If the servlet redirects the request to a different URL, it should use:

res.sendRedirect(res.encodeRedirectUrl("http://www.keysolutions.com"));



Last updated 12/19/1999 08:22:40 PM