Christopher Schultz wrote:
| The problem with both cookies and session id's in the URL is that we
| develop applications for use on cellphones. Cell network operators are a
| bunch of not-so-nice-people who sometimes feel the need to screw up HTTP
| traffic in their gateways, e.g. by messing with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tom,
Tom van Wietmarschen wrote:
| What I want to change is how the session id is communicated to the
| client and back. Basically, I want to change the object that retrieves
| the session ID from the HTTP request and feeds it to the session
| manage
Tom this is 100% correct "there is no way to even instantiate a session
object from a self-supplied session-id let alone replace the current
session object in the HttpRequest." but I am still a little curious as
to why Tomcats generated session id is not adequate, is it purely
because you ca
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter,
Peter Stavrinides wrote:
| Tom this is 100% correct "there is no way to even instantiate a session
| object from a self-supplied session-id let alone replace the current
| session object in the HttpRequest."
That depends on your definition o
Tom this is 100% correct "there is no way to even instantiate a session
object from a self-supplied session-id let alone replace the current
session object in the HttpRequest." but I am still a little curious as
to why Tomcats generated session id is not adequate, is it purely
because you can'
The problem is that the server needs to be the one generating the
session id for a number of reasons, i.e.: ensuring it is always unique
and set correctly, and its best left that way... so I think you're
walking down a dark alley and its not likely that the API would ever
allow this as it opens
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tom,
Tom van Wietmarschen wrote:
| I've been looking at a way to do this but I can't find a solution,
| filters seem to be too late in the chain: a request object is already
| created and there is no way to even instantiate a session object from a
|
L.S.,
I was wondering if it is possible to write a custom method of
propagating the session ID between HTTP requests. Specifically: we want
to store the session id in a X-ourcompanyname-sessionid header (we use a
custom http client so we can modify that to send the sessionid back in a
header).
T