Hi! This question is related to Pax Web.
I have a use case where I need to do some out-of-session processing, then reassociate the results back into the original session. Specifically, I am using OpenID. The way it works is that the relying party (me) sends an authentication request to the OpenID Provider (OP). The OP replies back to me, and I carry on from there. >From the user's perspective, a page gets loaded from my site, then a page gets loaded from the OP's site where the user authenticates. The OP then sends back a response with an authentication token, and the user carries on with what he/she was trying to do. Ideally, I would like to just reassociate the last part with the original session. The problem is that since the request comes in via the OP, a new session gets created, so it breaks continuity. I would like to reassociate those requests in order to keep everything together as one session, or at the very least the requests coming from the user. This is not a Wicket or pax-wicket issue, since Wicket relies on the underlying web framework. I checked the OSGi HttpService specs. There is no mention of this. The only thing I can think of is that I need to dig into the implementation of pax-web (which is based on Jetty, IIUC). So, this is a pax-web-related question. It was suggested that I could just append "jsessionid" as a parameter in the URL. I tried this, but it did not work, so I guess it's not so simple. Alin, I think you're the Pax Web guy, here. What do you think about this? What would be a "clean" way of fixing this problem? Thanks! =dml _______________________________________________ general mailing list [email protected] http://lists.ops4j.org/mailman/listinfo/general
