OK, it is RPCJava that create a session for you :
In the RpcServlet :
public Object getServiceInstance(String serviceName) {
HttpServletRequest request=requestTl.get();
return
request.getSession(true).getAttribute(getSessionKey(serviceName,request.getParameter("in
On 29 oct. 2010, at 11:08, Stefan Andersson wrote:
>
> But, how did you solve session persistence in the java web server for
> authentication?
>
We are using JEE session. We are using Tomcat and/or Jetty.
JEE session is kept alive by the web container, there is nothing to do but in
that case
Hej Jean Baptiste,
>I think there might be a wording problem : after reading your email, I'm not
>sure what you call a session is a JEE session but might be more a concept you
>implemented in your system that look like to be higher level than JEE session.
>If session is a JEE session, I feel da
Hi Stefan,
On 29 oct. 2010, at 09:34, Stefan Andersson wrote:
> Hej Jean Baptiste,
>
> >> There are a few interesting things with session id:
> >> 1. monitor a continous session from an identified ip
> >wow, I think linking IP and session is very dangerous. I won't do that.
>
> It is done on th
Hej Jean Baptiste,
>> There are a few interesting things with session id:
>> 1. monitor a continous session from an identified ip
>wow, I think linking IP and session is very dangerous. I won't do that.
It is done on the server side so this is no wow. It is never revealed to the
outside world.
On 28 oct. 2010, at 13:00, Stefan Andersson wrote:
> Hej Jean Baptiste,
>
> >On the backend, RPC should not be linked to session.
>
> Backend = backend of client? ( I guess that is what you mean here ) The
> server handles the session id.
>
Backend = server side like in backend :-)
When I mea
Hej Jean Baptiste,
>On the backend, RPC should not be linked to session.
Backend = backend of client? ( I guess that is what you mean here ) The server
handles the session id.
Server:
The http request call first hits the rpc servlet in the server. This servlet is
always connected to a session
Hi Stefan,
On the backend, RPC should not be linked to session.
Session should be managed on server side before reaching RPC.
RPC services are classes that should be singleton, no need to instanciate more
than once, and this instance should be reached by thread, like a Servlet,
inside or outsid
We have been dealing with some session problems regarding rpc.
The manual says:
"There is one instance of a service class per session."
- It can be interpreted as every rpc service call made gets a new session. This
is really what happens.
- Cookies turn on means session id is saved locally fo
