Costin Manolache wrote: > 2.1 is becoming a nightmare for me. *snip* > I have an applet that post some data to a servlet. *snip* > In 2.0 API the only portable way to do that was to use a URL connection > and send the > session Id as a normal parameter. The servlet will create a dummy > session ( since there > was no other way to access SessionContext) and get the real session > using the id. > I found absolutely no way to exit the applet ( showDocument() takes a > URL as parameter, > but as soon as I create the dummy session I'm stuck and can't change > the session ). *snip* Costin, Hi - Sorry I'm replying so long after your original post. If I understand correctly, you have a given session going, then the applet pops up, and sends data, and you need to associate the data that you just got with the session that was already established, but without getContext ( and then get session ) you will not be able to. Is that a true statement ? I have more or less the same problem, and 2.1 has screwed me too. What I don't understand though, is how come the applet does not inherit the session id ? In my case I don't get it because I'm using the java plug-in, but if you are running a regular applet then the session id's should match. Unless of course you have a session that never expires, sitting on the server, and that you want users to be able to "pick-up" that session ( and associated info ) whenever they connect from somewhere, in which case I feel your pain. I'm in the process of implementing my own session management as well, and I may have to implement my own fileservlet as well if request dispatcher does not do what I need it to do. Personally, I don't see what the big deal about the session context security "hole" is, but maybe I'm just stupid. Alfonso. ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
