On Sun, 30 Jun 2002, John Baker wrote:
> Date: Sun, 30 Jun 2002 21:27:36 +0100
> From: John Baker <[EMAIL PROTECTED]>
> Reply-To: Tomcat Developers List <[EMAIL PROTECTED]>
> To: Tomcat Developers List <[EMAIL PROTECTED]>
> Subject: Re: Valves, requests and getting the session
>
> On Sunday 30 June 2002 9:25 pm, Craig R. McClanahan wrote:
>
> > > Will always print null.
> > >
> > > I assume I can get at the session from this level and I'm obviously doing
> > > something dumb. Are there any obvious things I should check?
> >
> > Try this slight variation (based on what Catalina does in the getSession()
> > method of AuthenticatorBase):
> >
> > HttpServletRequest hrequest = (HttpServletRequest) request.getRequest();
> > HttpSession session = hrequest.getSession(true);
>
> Already tried that, and sadly it didnt work :(
>
> > The code you quoted above shouldn't actually compile, because you're
> > calling getSession() on the internal HttpRequest interface, but there is
> > no getSession() method on that interface. You need the extra getRequest()
> > call to get to the HttpServletRequest object that would be handed to a
> > servlet -- that's the one with the getSession() method that operates as
> > you need it to.
>
> Yea I know, I copied rather than pasting and mistyped the casting.
>
> The mystery goes on.
>
Hmm ... this is baslically how the standard form-based login
implementation creates a session, except that it goes on and gets the
internal Session object ...
I presume you're trying to create the session *before* calling
context.invokeNext(), right? If you don't the response will have already
been committed so creating a new session would be ineffective.
>
> John
Craig
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>