tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allistair Crossley" <Allistair.Cross...@QAS.com>
Subject RE: [OT] Sharing session with manual jsessionid
Date Fri, 24 Jun 2005 14:58:02 GMT
I've come up with the only solution I can see that will work. The parent appends it's session
id as now, and the target JSP (inside the XML call) uses JSTL sql tags to retrieve information
using the parent session id as a key into that "state" table.

It works and I don't see a way for me to mess with headers with my method.

Cheers, Allistair.

> -----Original Message-----
> From: Jon Wingfield [mailto:jon.wingfield@mkodo.com]
> Sent: 24 June 2005 15:47
> To: Tomcat Users List
> Subject: Re: [OT] Sharing session with manual jsessionid
> 
> 
> I commiserate. Only last week I tried to override the cookie 
> header for 
> an AJAX request using setRequestHeader. It didn't work :(
> 
> Allistair Crossley wrote:
> 
> > Thanks for the info. I have been trying with ; but to no 
> avail, so it must be the case (and it will be) that the 
> parent page's session id is already a cookie AND I am passing 
> it as a URL, so the cookie is winning. 
> > 
> > Since the XML requests are generated by JavaScript 
> client-side objects, there is little scope for tampering with 
> headers but I can look at the other JSP end to see if I can 
> do anything I suppose.
> > 
> > Thanks again.
> > 
> > 
> >>-----Original Message-----
> >>From: Jon Wingfield [mailto:jon.wingfield@mkodo.com]
> >>Sent: 24 June 2005 15:13
> >>To: Tomcat Users List
> >>Subject: Re: [OT] Sharing session with manual jsessionid
> >>
> >>
> >>The jsessionid would have to be a path parameter not a url 
> parameter 
> >>(append prefixed with a semi-colon rather than a question mark).
> >>
> >>There was a thread last week called "isRequestedSessionIdFromURL() 
> >>returns false" which discussed what happens when the id is 
> >>both in the 
> >>url and a cookie: the cookie wins. You'll have to make sure the xml 
> >>requests don't have the cookie header. (It sounds like that 
> >>is the case 
> >>as a new session is generated.)
> >>
> >>HTH,
> >>
> >>Jon
> >>
> >>Allistair Crossley wrote:
> >>
> >>>Hi,
> >>>
> >>>We are using embedded XML requests within out browser and I 
> >>
> >>would like to share information through 1 session since these 
> >>XML requests create new requests with their own sessions.
> >>
> >>>I am obtaining the outer session with session.getId and 
> >>
> >>manually adding jsessionid=<%= session.getId() %> to the XML 
> >>requests in the hope that the jsessionid will override the 
> >>presence of cookies in the internal JSP that the XML request hits.
> >>
> >>>However, it does not, and the internal JSP generates 
> >>
> >>another session id.
> >>
> >>>I don't think this can be helped can it?
> >>>
> >>>Cheers, Allistair
> >>>
> >>>
> >>><FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE> 
> >>>-------------------------------------------------------
> >>>QAS Ltd.
> >>>Registered in England: No 2582055
> >>>Registered in Australia: No 082 851 474
> >>>-------------------------------------------------------
> >>></FONT>
> >>>
> >>>
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 


<FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE> 
-------------------------------------------------------
QAS Ltd.
Registered in England: No 2582055
Registered in Australia: No 082 851 474
-------------------------------------------------------
</FONT>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message