Or something like: Authentication webapp authenticates the user, obtains it's data, like name, age, all parameters you were talking about, then saves them in the database, in a row with a primary key which == id of the session of the authentication webapp. Then it redirects to the main webapp with a parameter, say, "authId" == value of that primary key. The main webapp reads data from the db and can use it for further processing. Then deletes that row from the table. If it can't find a row with provided id, then it logs the user as a possible hacker :)
-----Original Message----- From: John McCosker [mailto:[EMAIL PROTECTED] Sent: Thursday, December 09, 2004 11:07 AM To: 'Struts Users Mailing List' Subject: RE: Transmission of a session using jsessionID >>is there any other way to share session between two >> different web application. I really need to do this... Just my 2 cents, which ever application creates the session, you could create a unique indentifier, store it in a dsn, then write indentifier to url for all inetractions with applications and verify with dsn lookup. This may not be the most intuitive approach, maybe, depends if both apps have access to dsn. You also would want to do a dsn cleanup for expired indentifier's. Or have application dependant sessions verfied by value of url or hidden form field so its not actually seen, and cut out the dsn altogether. -----Original Message----- From: Niall Pemberton [mailto:[EMAIL PROTECTED] Sent: 09 December 2004 09:54 To: Struts Users Mailing List Subject: Re: Transmission of a session using jsessionID Maybe this "Tomcat How To" will help... http://www.fwd.at/tomcat/sharing-session-data-howto.html Niall ----- Original Message ----- From: "Claude Libois" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Thursday, December 09, 2004 8:59 AM Subject: Re: Transmission of a session using jsessionID > A precision that make a big difference. > The two actions are not in the same web application. > I saw on a forum that sharing session between two web app is "bad design" > and so is not allow with jsessionID. > Is it true? If so, is there any other way to share session between two > different web application. I really need to do this... > Claude Libois > [EMAIL PROTECTED] > Technical associate - Unisys > > ----- Original Message ----- > From: "Claude Libois" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, December 09, 2004 9:32 AM > Subject: Transmission of a session using jsessionID > > > > Hi all, > > I try to keep my session after a redirect in struts but it doesn't work. > So > > I made a test application with an action sendSession.do and an other > action > > receiveSession.do. > > Here are the code of those two simple action: > > ************ > > sendSession.do > > ************ > > public class sendSession extends Action { > > public ActionForward execute(ActionMapping actionMapping, > > ActionForm actionForm, > > HttpServletRequest servletRequest, > > HttpServletResponse servletResponse) { > > System.out.println("***************** sessionId before redirect" > > +servletRequest.getSession().getId()); > > servletRequest.getSession().setAttribute("test","test"); > > ActionForward af=new ActionForward( > > > "http://12.2.33.13:40000/Consumer/receiveSession.do;jsessionid="; > > + > > servletRequest.getSession().getId(),true); > > return af; > > } > > } > > ************* > > receiveSession.do > > ************* > > public class ReceiveSession extends Action { > > public ActionForward execute(ActionMapping actionMapping, > > ActionForm actionForm, > > HttpServletRequest servletRequest, > > HttpServletResponse servletResponse) { > > System.out.println("***************** sessionId after redirect" > > +servletRequest.getSession().getId()); > > System.out.println("test > > "+servletRequest.getSession().getAttribute("test")); > > return null; > > } > > } > > > > What's wrong with it? the attribute "test" is null in receiveSession.do > > Is there anything else to do for session sharing between two web app?? > > > > Thanks in advance > > > > Claude Libois > > [EMAIL PROTECTED] > > Technical associate - Unisys > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
