Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
hidding session id
#1
Is there a way to hide /k0~Pz-oDrK62PagviKl3YG/$/

from showing?

Thanks,

Ed
Reply
#2
What's your IW version?

If you have latest IW 15.1:

There are 2 possibilities:

A- Single session per browser:

ServerController.SessionOptions.UniqueURL = False
ServerController.CookieOptions.UseCookies = True

This way a single session per browser can be created. Two or more browser tabs pointing to your application will actually share the same session (in practice, the application is intended to be used in such a way that opening 2 or more browser tabs is not recommended).

B- Multiple session per browser:

ServerController.SessionOptions.UniqueURL = False
ServerController.CookieOptions.UseCookies = False

This way multiple session per browser can be created and they should work independently. Once cookies can't be used, IW uses internal hidden fields to do session tracking. This creates other side-effects that should be carefully considered. The most important is: When the user presses <ENTER> in the address bar, a new session is started because there is no cookie to track the session and a GET request will actually trigger a new session. This "side effect" can be irrelevant for some types of applications and unacceptable in others.
Reply
#3
Thank You
Reply
#4
Hi Alexandre,

I too am getting to a point where I would like to get rid of the SessionId in the url. I'm also using UniqueUrl and are getting to a point where the users are complaining how difficult it is to use the build-in bookmark functions of the browsers they use.

On top of the UniqueUrl I also use a start parameter like: http://myappl:8888/Appl3/?/start/u=xxx and with UniqueUrl, all after the APPl3/ is replaced with the SessionId.

The problem with saving the url as a link, is that users often get an error" invalid SessionId", when using the link to start a new session, and in any case the start parameter is missing.

Above you say setting servercontroller properties UniqueUrl and UseCookies to false, would still allow the users to have a separate session running in every open tab in the browser, but also that "This creates other side-effects that should be carefully considered". Could you expand that sentence a bit. Which side-effects are they ?

I do not see my users pressing ENTER to a value in the address bar, so I should be safe from starting lots of new sessions.

But what other side-effects should I be aware of and look out for ?

Regards
Soren
Reply
#5
> users are complaining how difficult it is to use the build-in bookmark functions of the browsers they use.

Several sites, portals and applications use some form of ID in the URL. This is quite common and honestly, users should be used to it by now...

Other than that, regarding the invalid session, just turn on the SessionOptions.RestartExpiredSessions and they will be restarted when a user tries to access it using an expired link

The side effect of not using cookies is exactly what I explained: it might be acceptable for some applications but not for others because a user refreshing the browser would cause a new session to start (instead of continuing the old session). I suggest that you try to play with it and see for yourself what happens.
Try to open a form and press F5 or ENTER in the browser address bar and see what happens. It is better seen than explained :-)
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)