Re: Sharing session between VirtualHosts

[Chris McCarthy]

-----------------------------
Please read the FAQ!
<http://java.apache.org/faq/>
-----------------------------

The problem with this is that it gives the end users more leverage for forging 
transactions.
Site A creates the transaction, sends it to site B which uses req.getParameter() to 
get all the values (including the price). Maybe we
could encrypt everything and put some sort of hash signature on all the parameters or 
something?.

Once the credit card payment is processed, I would have thought a 
response.sendRedirect() was the best way to get back to site A. How
can we send the transaction result back this way ?

Would you use a different mechanism to get back to site A ? (of course site A will 
need to update it's accounting records to reflect
the payment).

..Chris.

Brett Knights wrote:

> -----------------------------
> Please read the FAQ!
> <http://java.apache.org/faq/>
> -----------------------------
>
> Why not just build the necessary information into a form and do a post request to 
>the payment server? And do the same coming back.
>
> ***********************************************************
> Brett Knights                             626-432-5767 work
> [EMAIL PROTECTED]                 626-355-1017 home
> ***********************************************************
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Khoivu
> > Nguyen
> > Sent: Monday, October 04, 1999 6:25 PM
> > To: Java Apache Users
> > Subject: Re: Sharing session between VirtualHosts
> >
> >
> > -----------------------------
> > Please read the FAQ!
> > <http://java.apache.org/faq/>
> > -----------------------------
> >
> > Yes, I know. Do you have any other recommendation to share?
> >
> > "Kevin A. Burton" wrote:
> >
> > > -----------------------------
> > > Please read the FAQ!
> > > <http://java.apache.org/faq/>
> > > -----------------------------
> > >
> > > This is probably technically possible... but don't expect your
> > > performance to be that great.
> > >
> > > Khoivu Nguyen wrote:
> > > >
> > > > -----------------------------
> > > > Please read the FAQ!
> > > > <http://java.apache.org/faq/>
> > > > -----------------------------
> > > >
> > > > I am very interested in this problem's solution since I
> > have a business need
> > > > to share the HTTPSession between 2 virtual hosts or two
> > servlet zones. I
> > > > believe the second problem may not be feasible by Apache
> > JServe design.
> > > >
> > > > One solution is before you invoke response.sendRedirect()
> > method, you save
> > > > the HTTPSession to database or file. If HTTPSession is
> > serializable, which I
> > > > think it is, we can serialize HTTPSession and save it as
> > a blob in database.
> > > >
> > > > Chris McCarthy wrote:
> > > >
> > > > > -----------------------------
> > > > > Please read the FAQ!
> > > > > <http://java.apache.org/faq/>
> > > > > -----------------------------
> > > > >
> > > > > I want to share HttpSession information between 2
> > Virtual Hosts. Can
> > > > > this be done, or do I have to use an alternative method
> > of communication
> > > > > ?. I tried it, with a servlet on both virtual hosts but
> > the session was
> > > > > not shared.
> > > > >
> > > > > It is for online payment, I want to do a
> > response.sendRedirect() to my
> > > > > secure (Virtual) server for online payment, so two way
> > comminication is
> > > > > required. I know it would be easier to run the secure
> > server on the same
> > > > > host as my servlets, but this is done for business reasons.
> > > > >
> > > > > Any help appreciated,
> > > > > ..Chris.
> > > > >
> > > > > --
> > > > > --------------------------------------------------------------
> > > > > Please read the FAQ! <http://java.apache.org/faq/>
> > > > > To subscribe:        [EMAIL PROTECTED]
> > > > > To unsubscribe:      [EMAIL PROTECTED]
> > > > > Archives and Other:  <http://java.apache.org/main/mail.html>
> > > > > Problems?:           [EMAIL PROTECTED]
> > > >
> > > > --
> > > > --------------------------------------------------------------
> > > > Please read the FAQ! <http://java.apache.org/faq/>
> > > > To subscribe:        [EMAIL PROTECTED]
> > > > To unsubscribe:      [EMAIL PROTECTED]
> > > > Archives and Other:  <http://java.apache.org/main/mail.html>
> > > > Problems?:           [EMAIL PROTECTED]
> > >
> > > --
> > >
> > > Kevin A Burton
> > > Software Engineer
> > > http://relativity.yi.org
> > > Mobile:  408-910-6145
> > >
> > > --
> > > --------------------------------------------------------------
> > > Please read the FAQ! <http://java.apache.org/faq/>
> > > To subscribe:        [EMAIL PROTECTED]
> > > To unsubscribe:      [EMAIL PROTECTED]
> > > Archives and Other:  <http://java.apache.org/main/mail.html>
> > > Problems?:           [EMAIL PROTECTED]
> >
> >
> >
> > --
> > --------------------------------------------------------------
> > Please read the FAQ! <http://java.apache.org/faq/>
> > To subscribe:        [EMAIL PROTECTED]
> > To unsubscribe:      [EMAIL PROTECTED]
> > Archives and Other:  <http://java.apache.org/main/mail.html>
> > Problems?:           [EMAIL PROTECTED]
> >
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe:        [EMAIL PROTECTED]
> To unsubscribe:      [EMAIL PROTECTED]
> Archives and Other:  <http://java.apache.org/main/mail.html>
> Problems?:           [EMAIL PROTECTED]

--
Chris McCarthy  mailto:[EMAIL PROTECTED]
Software Engineer - Java Contractor (Cork, Ireland).




--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Archives and Other:  <http://java.apache.org/main/mail.html>
Problems?:           [EMAIL PROTECTED]