iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Using NonStop Servlets for JavaServer Pages With
The iTP Secure WebServer
iTP Secure WebServer System Administrator’s Guide—522659-001
9-43
Reserved Cookie Name
Reserved Cookie Name
•
The cookie name "JSESSIONID" is reserved for internal use. According to the
Servlet API 2.2 the name of the session tracking cookie must be "JSESSIONID" and
the name of the session tracking parameter used in the URL rewriting must be
"jsessionid".
Changes from Servlet Version 2.0 to 2.1
If you are migrating from a previous release of Java servlets such as 2.0, you should
check the 2.2 API spec to ensure that any methods or interfaces you have used in the
past have not been deprecated. The following list contains the changes that we have
made:
Deprecated Interfaces
•
javax.servlet.http.HttpSessionContext was removed for security reasons
Deprecated Methods
•
javax.servlet.ServletContext.getServlet(String) was potentially unsafe
•
javax.servlet.ServletContext.getServletNames( ) makes no sense without getServlet
•
javax.servlet.http.HttpSession.getSessionContext()
(HttpSessionContext is deprecated)
The following methods have been deprecated in the API standard.
•
javax.servlet.ServletContext.log(Exception, String)
Use log(String, Throwable) instead
•
javax.servlet.ServletRequest.getRealPath(String)
Use ServletContext.getRealPath instead
•
javax.servlet.http.HttpServletRequest.isRequestedSessionIdFromUrl
Use isRequestedSessionIdFromURL instead)
•
javax.servlet.http.HttpServletResponse.encodeRedirectUrl(String)
Use encodeRedirectURL instead
•
javax.servlet.http.HttpServletResponse.encodeUrl(String)
Use encodeURL instead
Changes from Servlet Version 2.1 to 2.2
Deprecated Methods
•
Constructor javax.servlet.UnavailableException.UnavailableException(Servlet
servlet, String message)
•
Constructor javax.servlet.UnavailableException.UnavailableException(int
sec,Servlet servlet, String message)