hi jesse,
i know that session-handling is a servlet-container thing, but this issue is
happening on tomcat and jetty...
today i built a very simple app wich shows same behavior as i noticed in my
productive application. its just two pages and a form:
home-page should initialize some data in session and then redirect to a page
with a form:
public void pageBeginRender(PageEvent event) {
SessionVisit visit = getSessionVisit();
// do something with state object
logger.info("sessionId: " +
getWebRequest().getSession(false).getId());
if (event.getRequestCycle().isRewinding() == false) {
throw new PageRedirectException("Data");
}
}
data-page contains a form for user-input:
<form jwcid="@Form">
<input jwcid="@Submit" />
</form>
so a user comes to the app, he is redirected to the form and then presses
submit which directly produces a stale-session! this is because tapestry does
not know the sessionId wich has been written to session-cookie...
i use version 4.0.2. should i put the app in jira, so that you can take a look?
kind regards
peter
-----Ursprüngliche Nachricht-----
Von: Jesse Kuhnert [mailto:[EMAIL PROTECTED]
Gesendet: Sonntag, 11. Februar 2007 22:07
An: Tapestry users
Betreff: Re: app has other sessionId than in cookie
The session ID's aren't managed by Tapestry at all. They come from the
servlet spec / whatever servlet container you are running in.
I'm not sure what is supposed to be happening vs. what is happening here.
On 2/9/07, Peter Schröder <[EMAIL PROTECTED]> wrote:
> hi,
>
> i think i found the source of this behaviour:
>
> public void pageBeginRender(PageEvent event) {
> logger.info("sessionId: " +
> getWebRequest().getSession(false).getId());
> if (event.getRequestCycle().isRewinding() == false) {
> SessionVisit visit = getSessionVisit();
> getSessionService().initSession(visit,
> getValidateRequest());
> throw new PageRedirectException("Data");
>
> // this is what the redirect-exception would do:
> //
> // IRequestCycle cycle = event.getRequestCycle();
> // cycle.activate("Data");
> // try {
> //
> event.getRequestCycle().getInfrastructure().getResponseRenderer().renderResponse(cycle);
> // } catch (IOException e) {
> // // noop
> // }
> }
> }
>
> while throwing a redirect-exception, or activating a page through
> response-renderer, there is an other sessionId generated an written into
> session-cookie! is this a bug?
>
> kind regards,
> peter
>
>
> -----Ursprüngliche Nachricht-----
> Von: Peter Schröder [mailto:[EMAIL PROTECTED]
> Gesendet: Freitag, 9. Februar 2007 14:13
> An: Tapestry users
> Betreff: app has other sessionId than in cookie
>
> hi,
>
> i have a problem with tapestry and session/cookies.
>
> there is a different sessionId in the cookie than the actual session that is
> used bye the tapestry page. while rewinding a form tapestry uses the
> sessionId from the cookie and creates a new state-object for that session,
> neglecting the existing one.
> when i change the sessionId in the cookie to the one originally uses in the
> tapestry-page, everything works fine.
>
> did anyone had a simmilar issue?
>
> my debugging is like this:
>
> @InjectObject("service:tapestry.globals.WebRequest")
> public abstract WebRequest getWebRequest();
>
> public void pageEndRender(PageEvent event) {
> logger.info("sessionId: " +
> getWebRequest().getSession(false).getId());
>
> }
>
> output:
>
> sessionId: 9em3ruceflxw <-- before rewind
> sessionId: ajmklffigzpk <-- after rewind
>
> cookie says:
>
> Name JSESSIONID
> Value ajmklffigzpk
> Host localhost
> Path /mocaPreselection
> Secure No
> Expires At End Of Session
>
> thx in advance,
> peter
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Jesse Kuhnert
Tapestry/Dojo team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind. http://blog.opencomponentry.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
