Actually on second thought there is a klugdy workaround, you can create a
Filter and trap the condition where the session does not come in the normal
way. From there, the Filter uses HttpClient (or appropriate) to construct a
new request rewritten to be servlet spec happy. The downside is the
Kludgy indeed. :) Just goes to show that there's *always* a way to get
things done if you're willing to jump through enough hoops.
If the client supported 302 Redirects, this wouldn't be such a problem as
the Filter could set the cookie in the redirect response and everything
would be fine.
A general Tomcat question, irrespective of Tomcat version or
platform. Here goes...
For Http requests, JSESSIONID values are passed to the server from either a
cookie stored by the browser or an additional parameter included in the
request. Tomcat creates the appropriate HttpSession object
You can't, you must use a Valve if you need to grab a Session from another
source than the standard spec stated ways. Any other servlet vendor should
have a similar answer. If they deviate from the above answer, they lie.
-Tim
Justin Ruthenbeck wrote:
A general Tomcat question, irrespective