Weblogic:当 cookie 设置安全且 jsession id 需要从 URL 中删除时如何跟踪会话
Weblogic : How to track session when cookies set secure and jsession id need to remove from URL
我正在使用网络逻辑 10.3。
我已将 Cookie 设置为安全的,并且我开始在 URL.
中获取 jsession id
在我的 JPF 控制器中,我们使用注释:@jpf.Controller(loginRequired = true)
当我修改weblogic.xml文件时
对于 URL-Rewriting false,我的应用程序无法跟踪会话。
来自控制器 NotLoggedInException 的方法来自应用程序未注销,
错误出现没有登录用户。
任何人都可以帮助我从 URL 中删除 jsession id 并保持 cookie 设置安全吗?
When we set our cookies as secure,
it will be no longer shareable on HTTP so framework will create a jsession id and append this id to URL so that session tracking can be done.
But when we think about to disable URL Re-writing means to remove jsession Id from URl.
In this case just try to redirect your application on HTTPS from HTTP.
On HTTPS secure cookies will be shareable.
To redirect http to https you need to implement a tg in web.xml
<security-constraint>
..................
..................
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL<transport-guarantee>
<user-data-constraint>
<security-constraint>
我正在使用网络逻辑 10.3。 我已将 Cookie 设置为安全的,并且我开始在 URL.
中获取 jsession id在我的 JPF 控制器中,我们使用注释:@jpf.Controller(loginRequired = true)
当我修改weblogic.xml文件时
对于 URL-Rewriting false,我的应用程序无法跟踪会话。
来自控制器 NotLoggedInException 的方法来自应用程序未注销,
错误出现没有登录用户。
任何人都可以帮助我从 URL 中删除 jsession id 并保持 cookie 设置安全吗?
When we set our cookies as secure,
it will be no longer shareable on HTTP so framework will create a jsession id and append this id to URL so that session tracking can be done.
But when we think about to disable URL Re-writing means to remove jsession Id from URl.
In this case just try to redirect your application on HTTPS from HTTP.
On HTTPS secure cookies will be shareable.
To redirect http to https you need to implement a tg in web.xml
<security-constraint>
..................
..................
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL<transport-guarantee>
<user-data-constraint>
<security-constraint>