tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kitching Simon <Simon.Kitch...@orange.ch>
Subject RE: Problem with session -- Each Time creating new session, inste ad of existing one
Date Thu, 05 Oct 2000 08:46:15 GMT
Ok, I will have another try..

In order to find your session, the servlet needs to be *sent* a cookie
containing the session id. If your perl script is invoking the url, but not
passing the session cookie, then of course the servlet won't find the
session. Your perl script will manually need to extract the JSESSION
cookie from its incoming request and add it to the request you make
to your servlet.

Hope this is the answer you are looking for :-)

Cheers,

Simon

> -----Original Message-----
> From:	sanjeev c joshi [SMTP:schidamb@cisco.com]
> Sent:	Thursday, October 05, 2000 7:25 AM
> To:	tomcat-user@jakarta.apache.org
> Subject:	Re: Problem with session -- Each Time creating new session,
> instead of    existing one
> 
> Hi,
> 
> Ok !!  I am using Apache with  Tomact  configured as a servlet Engine.
> I have a servlet AuthServlet  whose url looks like this ;
> 
> "http://localhost/CSCOnm/servlet/AuthServlet?cmd=validSession "
> 
> 
> Based on the "cmd"  parameter the appropriate method  is called by the
> doGet
> method of the servlet. i.e in this case a function
> public void validSession(HttpServletRequest req, ServletOutputStream out)
> The snippet of code for validSession is;
>  {
>   :
>   :
>   HttpSession session = req.getSession(true);
>   System.out.println(session);
>  :
>  :
>  }
> 
> When I point my browser to the url
> "http://localhost/CSCOnm/servlet/AuthServlet?cmd=validSession " , it
> returns me
> the old session from where I can retrieve the  data set in the session..
> This is
> the expected behaviour.
> When I luanch the same url ( do a http request )  from  a perl file in the
> cgi-bin directory of Apache , the   req.getSession() returns  the  new
> session,
> instead of giving me the  old session .
> 
>  I hope this clears  ur doubts. I would be grateful if u have a solution
> 
>  regards
> 
> --Joshi
> 
> 
> Kitching Simon wrote:
> 
> > Sorry, your description of what you are doing (included below)
> > doesn't make any sense to me. You are launching what from where????
> >
> > If you could post a more complete description of what your
> > architecture is, that would help.
> >
> > And are you using apache, or just tomcat? What platform?
> >
> > Regards,
> >
> > Simon
> >
> > > -----Original Message-----
> > > From: sanjeev c joshi [SMTP:schidamb@cisco.com]
> > > Sent: Wednesday, October 04, 2000 11:17 AM
> > > To:   tomcat-user@jakarta.apache.org
> > > Subject:      Re: Problem with session -- Each Time creating new
> session,
> > > instead of   existing one
> > >
> > > Hi,
> > >
> > > But my problem is  more  fundamental than that.  The AuthServlet (
> with
> > > request
> > > to call validsession() - function)  when rendered from the browser  (
> > > using the
> > > servlet url ) it seems to be working. But when a perl file ( in the
> > > cgi-bin
> > > directory)  or a  java file luanches the same url (which inturn calls
> > > validsession) , it  fails.
> > > Can u explain that ...? what is the problem ? FYI this was working
> fine
> > > with
> > > JRun as servlet engine.
> > >
> > > regards,
> > >
> > > --Joshi
> > >
> > > Kitching Simon wrote:
> > >
> > > > Hi,
> > > >
> > > > Sessions are identified by cookies (normally, anyway).
> > > > The way a web server tells a browser to set a cookie is to send an
> http
> > > > command
> > > > in the *header* of the returned data.
> > > >
> > > > If you look at the documentation for pageContext.include(....),
> which I
> > > > guess is what
> > > > you are using to execute your servlet from within you jsp file, you
> will
> > > see
> > > > that the
> > > > specification *requires* tomcat to flush the output buffer
> (including
> > > all
> > > > http headers)
> > > > to the client before invoking the included servlet or jsp page.
> > > >
> > > > The implication is that no included page can ever set a header
> > > attribute,
> > > > including
> > > > cookies. Your servlet code is indirectly calling response.setCookie,
> > > which
> > > > is calling
> > > > response.setHeader(....) but the header info has already gone gone
> > > gone....
> > > >
> > > > It seems to me that an IllegalStateException really should be
> generated
> > > if
> > > > you
> > > > ever try to set a cookie after the response has been flushed, but
> this
> > > > doesn't seem
> > > > to happen. In my experience it just gets ignored.
> > > >
> > > > I think the solution in your case is to separate your servlet into a
> > > *bean*
> > > > and a
> > > > trivial servlet-wrapper that invokes the bean. You can then include
> the
> > > same
> > > > bean into your jsp page with a <jsp:useBean> command, and call it
> > > directly.
> > > > Because you are *not* doing an include, the response buffer doesn't
> get
> > > > flushed
> > > > and (hopefully) your create session call request.getSession(true)
> (ie
> > > > addCookie call)
> > > > will then take effect.
> > > >
> > > > Hope this helps (and hope it is right, part of it is just
> guessing....)
> > > >
> > > > Simon
> > > >
> > > > > -----Original Message-----
> > > > > From: sanjeev c joshi [SMTP:schidamb@cisco.com]
> > > > > Sent: Wednesday, October 04, 2000 8:45 AM
> > > > > To:   tomcat-user@jakarta.apache.org
> > > > > Cc:   Joshi Sanjeev C
> > > > > Subject:      Problem with session -- Each Time creating new
> session,
> > > > > instead of  existing one
> > > > >
> > > > > Hi,
> > > > >
> > > > > I am using Tomact with Apache.I have a problem with the session.
> > > > >
> > > > > I have a servlet . The servlet AuthServlet  has a method  called
> > > > > "validsession()" which does
> > > > >
> > > > > HttpSession session= request.getsession( true);
> > > > > :
> > > > > :
> > > > > When I  call the AuthServlet from the browser  ( doGet inturn
> calls
> > > > > validsession()) , it returns the existing session appropriately
> with
> > > all
> > > > > the session parameters. But when the same AuthServlet is called
> from
> > > > > any other java file or perl sript ( in the cgi-bin directory),  it
> > > > > creates  a new session each time  instead of getting my existing
> > > > > session.  All the class files are in the  directory as directed in
> the
> > > > > classpath  variable. I have another method in the AuthServlet  "
> > > > > getCurrentUser()" where It does  the same thing i.e,
> > > > > HttpSession session= request.getsession( true);  strangely  it
> seems
> > > to
> > > > > work ( it retruns the existing session .....)
> > > > >
> > > > > Anyone has faced this problem and found the soultion, kindly help
> > > me....
> > > > >
> > > > > Any quick help ... I will be grateful........
> > > > >
> > > > >
> > > > > regards
> > > > >
> > > > > --Joshi

Mime
View raw message