Hi,
The two hosts, A and B can also establish a convention by adding
a query parameter called "RedirectedFrom" :
HostA adds an "?RedirectedFrom=HostA" to the URL, HostB does the similar
thing with care on building the redirected URL to preserve existing
query parameters and to add/change only "RedirectedFrom=..."
parameter.
So both servlets can search for parameter "RedirectedFrom" to see
if current request isnt in fact an redirect, and if it is, who did
the redirect.
The "Referer" header may be there or not, depending on the browser.
Cezar.
On Thu, 19 Aug 1999, Craig R. McClanahan wrote:
> Byte Code wrote:
>
> > Hi.
> >
> > Here is the scenario.
> >
> > Client send a browser requst to Host A
> >
> > Host A receives the request and redirects to Host B
> > Host B does some work and redirects back to Host A
> >
> > How do we determine now on host A that the request came from Host B???
> >
> > If both the servers do a response.sendRedirect() then a getRemoteHost()
> > and getRemoteAddress() always return the host and IP if the "originator"
> > of the request. AKA the browser.
> >
> > IS there anyother way to determine on A that the request actually came
> > from B?
> > ( after redir )
> >
>
> The problem is that the request really did come from the client in both
> cases. That's the way that redirects work:
>
> * Client calls Host A (remote host is Client)
>
> * Host A sends "redirect" back to Client
>
> * Client calls Host B (remote host is still Client)
>
> However, the client browser might include a "Referer" header to host B that
> said this request was "referred by" host A. Try looking for that (with a
> request.getHeader("Referer") call).
>
>
> > RFC 2109 and RFC 2068 arent really explicit on this..Any ideas people
> >
> > -Sam
> >
>
> Alternatively, you could have Host A make the request itself to Host B (acting
> like a proxy) and return the results, instead of doing a redirect. You could
> use a URLConnection for this. Then, Host B would see Host A as the remote
> host in the request, instead of Client.
>
> Craig McClanahan
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
