cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <>
Subject Re: Tomcat session invalidation
Date Tue, 11 Oct 2011 17:46:44 GMT

Definitely ask on the Tomcat list.   There are so many ways of creating a 
session that I'm not sure what would really be best here.

You *COULD* create an interceptor that would grab the HttpServletRequest out 
of the incoming Message, wrappers it with one that throws and exception on the 
session related calls, and sets that back in the method.  If stuck early in 
the chain, it could prevent many cases where sessions are asked.   HOWEVER, if 
using Spring and a session scoped bean, it may not prevent it.  In that case, 
the Spring Servlet filter might be responsible which is run long before the 
CXF code.   

I'd definitely ask on the Tomcat list.


On Monday, October 10, 2011 10:39:11 AM David Sills wrote:
> All:
> I'm a little confused about something. I'm using Tomcat as my servlet
> (web-service) container with CXF and want to ensure that web service
> requests do not create HTTP sessions. I cannot seem to find
> documentation about this, even on the Tomcat site - maybe there isn't a
> way to do it?
> Does anyone have any suggestions?
> David Sills
Daniel Kulp
Talend -

View raw message