Re: how can I get session object in filter with out passing jsessionid in url
Thursday, May 6, 2004 06:44 AM
usually if jsessionid in your url is the ONLY way you can get sessions to work, it is because your browser is not allowing cookies. Check your cookie settings in IE (or whatever browser you use) and be sure they are turned on and allowed. The way tomcat keeps "session" is by storing a users current session values by key, your jsessionid. This jsession id is required in the request in order for tomcat to know the difference between user x and user y when a request comes into the server. If cookies are turned on and working properly, then tomcat will automagically create a cookie with "jsessionid" as the name and value as your actual sessionid. This value can then be looked up with each request, as each user has their own cookie stored, and it saves you having to pass it around in the URL.