tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yves Glodt <>
Subject Re: Manipulate other session
Date Tue, 14 Jul 2009 18:33:53 GMT
2009/7/13 Christopher Schultz <>:
> Hash: SHA1
> Daniel,
> On 7/13/2009 12:16 PM, Daniel Henrique Alves Lima wrote:
>>       I don't know if you can/should change other HttpSession directly.
> You might be able to on an older servlet container, but this portion of
> the API has been deprecated and will cause modern containers to throw
> exceptions. I'm not sure if a webapp specifies an old version of the
> spec, whether this API will be supported or not (by a new container
> which will enforce this prohibition on newer webapps).
>> As
>> Mikolaj Rydzewski said, you could perform a HTTP request using a
>> different JSESSIONID cookie or a ;jsessionid URL rewriting.
> This is possible.
> It's also possible to use a SessionListener to maintain your own list of
> sessions and then you can do whatever you want.
> The real question is why you want to do this in the first place.

After reading the other replies, I take the "you" for me for this reply ;-)

The reason I wanted to manipulate one HttpSession from another is
since in this case, I have
an external entity (and thus in another HttpSession) making a POST
request to my servlet, posting information about
a transaction made in another user-HttpSession.

Manipulating the user-HttpSession from the external request would have
been a way to feed the information
from the external entity to the user-session which is concerned.

Although I cannot consider this behaviour really beautiful, it's also
not that ugly...

Or do you (now "you" as "one") disagree or know a nicer way? :-)

> - -chris
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla -
> YhsAnA8DXWpTkOQdg7vMursGAg5dWfPx
> =g3Tk

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message