Re: Using a custom method of session-id propagation

Christopher Schultz wrote: | The problem with both cookies and session id's in the URL is that we | develop applications for use on cellphones. Cell network operators are a | bunch of not-so-nice-people who sometimes feel the need to screw up HTTP | traffic in their gateways, e.g. by messing with

Re: Using a custom method of session-id propagation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tom, Tom van Wietmarschen wrote: | What I want to change is how the session id is communicated to the | client and back. Basically, I want to change the object that retrieves | the session ID from the HTTP request and feeds it to the session | manage

Re: Using a custom method of session-id propagation

Tom this is 100% correct "there is no way to even instantiate a session object from a self-supplied session-id let alone replace the current session object in the HttpRequest." but I am still a little curious as to why Tomcats generated session id is not adequate, is it purely because you ca

Re: Using a custom method of session-id propagation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter, Peter Stavrinides wrote: | Tom this is 100% correct "there is no way to even instantiate a session | object from a self-supplied session-id let alone replace the current | session object in the HttpRequest." That depends on your definition o

Re: Using a custom method of session-id propagation

Tom this is 100% correct "there is no way to even instantiate a session object from a self-supplied session-id let alone replace the current session object in the HttpRequest." but I am still a little curious as to why Tomcats generated session id is not adequate, is it purely because you can'

Re: Using a custom method of session-id propagation

The problem is that the server needs to be the one generating the session id for a number of reasons, i.e.: ensuring it is always unique and set correctly, and its best left that way... so I think you're walking down a dark alley and its not likely that the API would ever allow this as it opens

Re: Using a custom method of session-id propagation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tom, Tom van Wietmarschen wrote: | I've been looking at a way to do this but I can't find a solution, | filters seem to be too late in the chain: a request object is already | created and there is no way to even instantiate a session object from a |

Using a custom method of session-id propagation

L.S., I was wondering if it is possible to write a custom method of propagating the session ID between HTTP requests. Specifically: we want to store the session id in a X-ourcompanyname-sessionid header (we use a custom http client so we can modify that to send the sessionid back in a header). T