Return-Path: Delivered-To: apmail-jakarta-jetspeed-dev-archive@apache.org Received: (qmail 43130 invoked from network); 15 Nov 2001 17:57:52 -0000 Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131) by daedalus.apache.org with SMTP; 15 Nov 2001 17:57:52 -0000 Received: (qmail 16098 invoked by uid 97); 15 Nov 2001 17:57:52 -0000 Delivered-To: qmlist-jakarta-archive-jetspeed-dev@jakarta.apache.org Received: (qmail 16065 invoked by uid 97); 15 Nov 2001 17:57:51 -0000 Mailing-List: contact jetspeed-dev-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Jetspeed Developers List" Reply-To: "Jetspeed Developers List" Delivered-To: mailing list jetspeed-dev@jakarta.apache.org Received: (qmail 16054 invoked from network); 15 Nov 2001 17:57:51 -0000 Message-ID: <3BF40261.5060501@apache.org> Date: Thu, 15 Nov 2001 12:58:57 -0500 From: Paul Spencer User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.4) Gecko/20011019 Netscape6/6.2 X-Accept-Language: en-us MIME-Version: 1.0 To: Jetspeed Developers List Subject: Re: new WebPagePortlet and cookies References: <022201c16d37$4188d580$83e5c53f@MANU> <000d01c16df8$04903080$2601a8c0@llega> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Laura, So you are requesting that the cookies retrieved from the Server by the WebPagePortlet will be passed, along with the Server's domain information [ javax.servlet.http.Cookie.setDomain() ], to the browser? You may be opening up a security hole on the user's browser. As to the session, will your server, not Jetspeed, allow the client of a session to change? You should be able to write a JSP that retrieve a page from a server and passes the content, including cookies, to your browser. Then verify the server will accept the cookies. Paul Spencer Laura lega wrote: > Hello. > > We are trying to understand if using jetspeed could be useful to us. > We need to use WebPagePortlet to load data from a server after > authenticating against it. Obviously we need to maintain a session between > browser and server. > By "managing cookies" I mean the possibility for the browser to get cookies > from the server through WebPagePortlet and to send them back to the server > in subsequent requests. Not only to maintain a session. > > Are you going to develop something like that? > Are you going to include cookies information into RunData object? > > We have seen you have "put RunData into WebPagePortlet". Does that RunData > contain Request object from browser? > > Thanks and sorry for just making questions ;-) > > Laura > > > > -- To unsubscribe, e-mail: For additional commands, e-mail: