RE: [wsrp] initCookie

[Andre Kramer <andre.kramer@eu.citrix.com>]

Title:

I agree JSESSIONID has no special significance. While (a) seems more strict, I'm fine with (b), but wanted to flush out any problems app servers may have with expired cookies.

 

regards,

Andre

-----Original Message-----
From: David Ward [mailto:david.ward@oracle.com]
Sent: 24 June 2003 11:15
To: Andre Kramer
Cc: WSRP
Subject: Re: [wsrp] initCookie

Andre Kramer wrote:

One question I have, now that we have multiple cookies, is which cookie(s) are invalidated by the InvalidCookie fault?

Or to put it another way: Should the initCookie(), following an InvalidCookie fault, forward (a) no cookies (b) all currently stored cookies or (c) only cookie(s) set by last initCookie() response.

(b) sounds the most sensible to me - you are following cookie semantics and can leave it to the Producer to decide what to do with each (potentially expired) cookie. I can't believe that app servers will have problems with expired cookies being sent.

I don't like the overhead of tracking (c), and (b) may give some app servers problems if some of the cookies are really dead. I suppose it is up to the consumer to return anything it likes, but are people ok with (a) after the JSESSIONID cookie expires?

regards,

Isn't JSESSIONID Java servlet specific? I don't think you should start giving significance to certain cookies in the protocol if at all possible.

Andre

--

---

David Ward
Principal Software Engineer
Oracle Portal

Oracle European Development Centre
520 Oracle Parkway
Thames Valley Park
Reading
Berkshire RG6 1RA
UK

Email:	david.ward@oracle.com
Tel:	+44 118 924 5079
Fax:	+44 118 924 5005