Geek Answers Handbook

Session management when the browser disables cookies

I want to know how I can manage a session if the cookie is disabled on the client’s browser.

If I want to implement it in a simple JSP servlet, then how can I do this?

Thanks in advance...

+4
source share
4 answers

On the JSP side, you can use JSTL <c:url> for this.

 <a href="<c:url value="page.jsp" />">link</a>

Just. It will automatically add jsessionid when cookies are disabled.

On the servlet side, you need HttpServletResponse#encodeURL() or - usually preferred inside Servlets- HttpServletResponse#encodeRedirectURL() for this.

 response.sendRedirect(response.encodeRedirectURL("page.jsp"));
+2
source

Without cookies, you have two options. SessionId is passed first through Urls. This requires a lot of work on the server, because every URL that you send back must have sessionId attached to it (usually in the form of a query string parameter). For instance:

/ path / to / page

becomes

/ path / to / page? SessionID = Asdfg-Asdfg-Asdfg-Asdfg-Asdfg

Another option you have is to combine the information that you use via http into a "unique" key and create your own session bucket. By combining the Http UserAgent, RemoteIp, and RemoteXfip, you can come close to uniquely identifying the user, but there is no guarantee that this key is 100% unique.

+3
source

Each URL must be encoded using response.encodeURL("page.jsp")

This will add a session id at the end of each URL so cookies are not enabled.

Please note that you will have to do this manually for each URL in order for it to work.

For details, see. This link .

+2
source

More articles:


All Articles