A general Tomcat question, irrespective of Tomcat version or platform. Here goes...
For Http requests, JSESSIONID values are passed to the server from either a cookie stored by the browser or an additional parameter included in the request. Tomcat creates the appropriate HttpSession object before control gets to the Filter and/or Servlet and makes it available via HttpServlerRequest#getSession(boolean). This is fine.
I have a situation now where the JSESSIONID comes from an alternate source (encoded in the body of the message, for example). Custom code at the Filter level can parse the message body and find the JSESSIONID. Tomcat, however, doesn't know this and therefore does not grab the correct HttpSession and make it available through HttpServletRequest#getSession().
Given the following constraints, does anyone have any ideas?
(1) The client is not capable of understanding 302 (Redirect) responses.
(2) No modification of *internal* Tomcat classes are possible. Usage of Tomcat specific Valves/etc. are possible.
(3) If possible, Servlet code should not change. I would much prefer all logic to exist in a Filter (if not possible, this is flexible).
(4) If possible, I don't want to maintain a separate collection of HttpSession objects local to a given Object.
Thanks for the time, justin
____________________________________ Justin Ruthenbeck Software Engineer, NextEngine Inc. justinr - AT - nextengine DOT com Confidential See http://www.nextengine.com/confidentiality.php ____________________________________
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
