Servlet HttpSession cookies disabled

Question

In a web app, when user logs in, a HttpSession is created using HttpSession s = request.getSession(true); This creates a cookie with jsessionid on the browser. But if cookies are disabled on browser, How can i proceed with login?

score 1 · Accepted Answer · answered Oct 28 '15 at 19:19

1

If Cookies are disabled. You should be using URL Rewriting mechanism for Session tracking.

Code Example:

http://www.javadocexamples.com/javax/servlet/http/HttpServletResponse/encodeURL%28String%20url%29.html

answered Oct 28 '15 at 19:19

Ramesh PVK

15,200
2
46
50

Still a beginner... The examples are unclear. To append the jsessionid to url, how do i get the jsessionid first. need more help please... – Raghavendra N Oct 29 '15 at 03:12

score 0 · Answer 2 · answered Dec 21 '15 at 07:46

The main purpose of logging in is to identify the user. The basic information of the user is stored in the cookie which is basically a text file containing jsessionid. It is the jsessionid we want and not the cookie itself. So, we can get hold of jsessionid and concat it with the url, we will still be able to access contents in the HttpSession object.

Servlet HttpSession cookies disabled

2 Answers2

Linked