Craig,
Thanks for the info. I tried your suggestions, but its just not working. I'm
using Servlet Exec 2.2, and my applet is running in the JRE 1.2 plugin.
Every round trip begets a NEW session. The URL rewriting as you outlined
below is also ignored by the servlet.
In my research, I've come up with these messages on this topic, addressing
both the API (cookie) issue and URL rewriting, both of which are reported
below to not work.
http://forum2.java.sun.com/forum?14@@.ee8f661
http://forum2.java.sun.com/forum?14@@.ee75c72
Everything works great if I stick to the <APPLET> tag and native JRE. But
<OBJECT> and <EMBED> give no connectivity between the web page and the
applet (apparently) with respect to the cookie. So every time the applet
hits the servlet, whoops, getSession gets a brand new id.
Are you quite sure about what you've said relative to running applets in a
PLUGIN, not the native browser JRE? Is there a way to doctor the header of
an output stream to embed the session id? I see that the HttpServletRequest
has a method to extract fields from the header. Can I create a cookie in the
applet and insert it into the output stream? Say by setRequestProperty on
the URLConnection object?
Thanks for your help.
Dave Godbey
> -----Original Message-----
> From: Craig R. McClanahan [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, April 12, 2000 1:52 PM
> To: [EMAIL PROTECTED]
> Subject: Re: HttpSessionContext - Need
> newmethodHttpServletRequest.getSession(String sessionId)
>
> "Godbey, David" wrote:
>
> > Good question! I've been wrestling with this problem for a different
> reason.
> > Try tracking servlet sessions from a plugin without this class!
> >
> > I have a proposal.
> >
> > How do I go about requesting a method from Sun? And do you folks concur?
> Or
> > do you have a better idea?
> >
>
> Feedback on the servlet API should go to the email address on the front
> cover of
> the servlet spec:
>
> [EMAIL PROTECTED]
>
> See below for comments related to your specific problem.
>
> >
> > Problem:
> >
> > Applet-servlet communication when applet lives in Java JRE plugin (1.2
> for
> > example).
> >
> > When an applet is running in JRE plugin (I assume plugins will be around
> for
> > as long as browser releases lag Java releases), it is actually running
> in a
> > different application than the browser. As a result, they do not share
> > cookies.
> >
> > What this means is that it is difficult tracking servlet sessions given
> this
> > situation.
> >
> > Temporary solution:
> >
> > A temporary solution is to capture the sessionId first trip to servlet
> and
> > pass it back and forth between applet and servlet subsequently to
> maintain
> > state. To set the desired session containing the session variables of
> > interest, you can use HttpSession.getSessionContext, then pass the
> sessionId
> > string to the HttpSessionContext.getSession method to get your old
> session
> > back.
> >
>
> If your applet can find out what the "real" session ID is this way, why do
> you
> then need to do anything special on subsequent requests from the applet?
> As
> long as your request is formatted the same way that the browser would do
> it
> (either with a session cookie or the appropriate URL rewriting), then the
> standard session support inside the servlet container will be utilized.
>
> Let's take that a little slower to see what I'm talking about. In the
> formatting details I'm assuming that you are talking to a 2.2-compliant
> servlet
> container, where the mechanism by which the session ID is passed back and
> forth
> is standardized and therefore portable. If you're on an earlier rev of
> the
> servlet API spec, you'll need to mimic what your current servlet engine
> expects.
>
> * When the applet is initialized, it needs to be told what session ID to
> access (i.e. the same one your page is using). The simplest way to
> do this is, as you are generating the <applet> tag in a servlet or JSP
> page, just include an applet initialization parameter containing the
> session id.
>
> * On subsequent requests to the server, format the request the same way
> the browser would. If you are using cookies, that means adding a cookie
> with the name "JSESSIONID" (as of the 2.2 spec) and a value equal to
> the session identifier. If you're using URL rewriting, format your URL
> like
> this:
>
> http://www.mycompany.com/my/url;jsessionid=xxxxx
>
> where "xxxxx" is the session ID.
>
> * In your servlet that receives this request, just use the standard
> technique
> of calling request.getSession(), and it will grab the same session (for
> the
> applet) that your browser pages are using. Nothing special is required.
>
> Doing things this way means that your pages and applets share the same
> session
> ID, and therefore the same session.
>
> Craig McClanahan
>
> __________________________________________________________________________
> _
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
