Though this may seem inappropriate for this group, I only run into
problems with Apache/JServ, so I thought that maybe someone here has
solved this problem...
I'm trying to use session tracking as illustrated in Hunter's
_Java Servlet Programming_ book from OReilly, and it doesn't seem
to work under my new Apache/JServ installation on NT.
Here is a sample protected servlet:
-----------------------------------------------------------------------------
public class ProtectedServlet extends HttpServlet {
public void doGet(HttpServletRequest req,
HttpServletResponse res)
throws ServletException, IOException {
res.setContentType("text/plain");
PrintWriter out = res.getWriter();
HttpSession session = req.getSession(false);
if ( session == null ) {
log("creating session");
session = req.getSession(true);
}
Object done = session.getValue("login.isDone");
if ( done == null ) {
log("storing target: " + HttpUtils.getRequestURL(req).toString());
session.putValue("login.target",
HttpUtils.getRequestURL(req).toString());
String stored = (String)session.getValue("login.target");
log("stored: " + stored);
res.sendRedirect(req.getScheme() + "://"
+ req.getServerName() + ":"
+ req.getServerPort() + "/login.html");
return;
}
out.println("secret stuff");
}
}
----------------------------------------------------------------------------
The login handler is like this:
----------------------------------------------------------------------------
public class LoginHandler extends HttpServlet {
private static File _usersFile;
public void init(ServletConfig conf) throws ServletException {
super.init(conf);
HttpSession session = req.getSession(false);
if ( session == null ) {
log("no active session in init");
}
String fn = getInitParameter("usersFile");
if ( fn == null ) {
log("ERROR: no users file parameter present. Aborting.");
System.exit(-1);
}
_usersFile = new File(fn);
log("userFile:" + _usersFile);
}
public void doPost(HttpServletRequest req,
HttpServletResponse res)
throws ServletException, IOException {
res.setContentType("text/html");
PrintWriter out = res.getWriter();
// Get name and password
String name = req.getParameter("name");
String passwd = req.getParameter("passwd");
log("login name: " + name);
if ( !allowUser(name, passwd) ) {
out.println("<html><head><title>Access Denied</title></head>");
out.println("<STYLE TYPE=\"text/css\">");
out.println("<!--");
out.println("H1 { ");
out.println(" color: 800004;");
out.println(" font-size: 190%;");
out.println(" font-style: italic;");
out.println(" font-family: Arial, Helvetica, helv, sans-serif;");
out.println("}");
out.println("-->");
out.println("</style>");
out.println("</head>");
out.println("<body>");
out.println("<H1>Invalid Password</h1>");
out.println("<body>Your login and password are invalid.<br>");
out.println("Use your browser's BACK button to try again.");
out.println("</body></html>");
}
else {
// Valid login
log(name + " is valid");
HttpSession session = req.getSession(false);
if ( session == null ) {
log("no active session; creating one now");
session = req.getSession(true);
}
session.putValue("login.isDone", name);
Vector bookCodes = codesForUser(name, passwd);
log("codes for " + name + ": " + bookCodes);
try {
String target = (String) session.getValue("login.target");
log("target=" + target);
if (target != null) {
res.sendRedirect(target);
return;
}
}
catch (Exception e) {
log(e.toString());
}
// couldn't redirect
String redirect =
req.getScheme() + "://" +
req.getServerName() + ":" +
req.getServerPort();
log("redirect: " + redirect);
res.sendRedirect(redirect);
}
}
protected boolean allowUser(String user, String pwd) {
// let anyone in
return true;
}
}
---------------------------------------------------------------------------
The relevant FORM method from login.html is
<form action="/servlet/LoginHandler" Method=post>
The resulting log file shows
1999-05-06 07:40:30:403 ProtectedServlet: creating session
The protected servlet created an HTTP session...
1999-05-06 07:40:30:403 ProtectedServlet: storing target:
http://michael.lexi/servlet/ProtectedServlet
1999-05-06 07:40:30:403 ProtectedServlet:
stored: http://michael.lexi/demo/ProtectedServlet
The redirect target was stored in the session...
1999-05-06 07:40:35:109 LoginHandler: init
1999-05-06 07:40:35:109 LoginHandler: login name: mike
1999-05-06 07:40:35:109 LoginHandler: mike is valid
1999-05-06 07:40:35:109 LoginHandler: no active session; creating one now
but the LoginHandler does not see the session!
Any ideas?
---
Michael Stacey
Lexi-Comp, Inc.
1100 Terex Road
Hudson OH 44236
(330) 650-6506
----------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
READ THE FAQ!!!! <http://java.apache.org/faq/>
Archives and Other: <http://java.apache.org/main/mail.html/>
Problems?: [EMAIL PROTECTED]
