Just found a property in the Session called authType, wich has the value CLIENT-CERT when accessed from the Struts app and null from JSF.
So it seems like it is to do with the security settings, sorry to have bothered you all :) Cheers, Mike On 03/10/2007, Mikael Andersson <[EMAIL PROTECTED]> wrote: > > That is what I thought as well and what is sensible. > > I need to dig a bit deeper and see what is going on. > > Currently what I've tested is to put a break point in a old class which > retrieves a users id from the http session. > When accessing a struts page, I see one session. But when accessing a jsf > page, where I call the same method via a Facelts functino I see another > session (which only has a couple jsf related attributes in it). > > Can security constraints (container managed) cause different sessions to > be created? > > If anyone can think of something which may cause what I'm seeing I'd be > greateful. > > Thanks, > Mike > > On 03/10/2007, Simon Kitching <[EMAIL PROTECTED]> wrote: > > > > ---- Mikael Andersson <[EMAIL PROTECTED]> schrieb: > > > Hi > > > > > > I'm investigation how to integrate JSF into a large Struts based > > application > > > and one thing which I need to do is access attributes put into the > > http > > > session by Struts (homegrown security framework). > > > > > > I first thought that the Session would be the same for both > > applications but > > > discovered that that isnt' the case. If someone can shed some light > > about > > > how this all works I'd be really grateful (session management). > > > > > > What I tried was the good old FacesContext->external context->session > > line. > > > > The sessions *are* the same. Accessing > > FacesContext.externalContext.session should work fine. > > > > Using FacesContext.externalContext.sessionMap should also return the > > same values, but as a map rather than exposing the actual Session object. > > This can be convenient as it avoids a typecast operation. > > > > Regards, > > > > Simon > > > >
