cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <>
Subject Re: Sessions and JAX-RS
Date Thu, 19 Jul 2012 15:10:00 GMT
Hi Benson
On 19/07/12 15:14, Benson Margulies wrote:
> At the risk of incurring the wrath of Roy T. Fielding, I want to do
> something with sessions and JAX-RS. I see the @Context annotation, but
> I don't understand what I need to do to cause a session to come into
> existence in the first place.
We have a couple of examples in the code base.
One is to let the servlet container manage it on your behalf, simply do

HttpServletRequest request;
(or get it from MessageContext)

HttpSession session = request.getSession();

and work with HttpSession. This can be the simplest option, however 
there's little control over the way cookie can be actually represented - 
this apparently can further customized say at the Tomcat/Jetty config 
level but it can become quite involved - especially if you'd like start 
sharing the state between the multiple containers...

So the simpler option may be to set cookies explicitly, example,

return Response.ok().header("Set-Entity", theCookie).build();

(or use NewCookie utility - it does not support Expires property though) 
and then get the returning cookie in a request filter, using 
HttpHeaders, etc - this is what we do in the saml2 sso sp code

Cheers, Sergey

View raw message