All the jsessionid functionality is provided by the servlet container,
not by Tapestry. And it does exactly what you are suggesting ...
except that its not about the user being logged in, its about the user
have a session.
On Thu, Jul 10, 2008 at 8:52 AM, Britske <[EMAIL PROTECTED]> wrote:
>
> partially related to a post I send a couple of days ago, but perhaps this
> explains better what I'm trying to do.
>
> I'm trying to strip the jSessionId from displaying in the url if:
> 1. user doesn't have cookies (otherwise it won't display anyway)
> 2. user is not logged in.
>
> I wanted to implement this as a filter, but I have to go with a dispather
> since to see if a user is logged in I need to have access to the ASM, which
> I can't get to in a filter.
>
>
> Now somewhere in between all the HttpSevletRequest to tapestry.request
> comversion, etc. tapestry decides to take over the JSessionId provided by
> the HttpServletRequest. I want to intercept this call somehow and strip the
> JSessionId from the request.
>
> I implemented a Dispatcher (the last in the line before onActivate is
> called) and basically wrapped (subclassed) HttpServletRequest and
> HttpServletResponse to return null for the sessionid and have redirecturl
> return url. My own HttpServlet get's called in the app (and returns null for
> getrequestedSessionId()) This request is added as a constructor param to a
> newly created tapestry.requestImpl which are both saved to RequestGlobals. I
> though that should do the trick
>
> not...
> Apperantly somehow the jsessionid is picked up anyway although (when
> expecting requestglobals.getHttpServletRequest.getRequstedSessionId() in
> page.onactivate() this correctly returns null).
>
> Anyone?
> Thanks.
>
> my code:
> //SessionStripController
> public final class SessionStripController implements Dispatcher {
> private ApplicationStateManager asm;
> private RequestGlobals globals;
>
> public SessionStripController(ApplicationStateManager
> asm,RequestGlobals
> globals){
> this.asm = asm;
> this.globals = globals;
> }
>
> public boolean dispatch(Request req, Response response) throws
> IOException
> {
> if (req.isRequestedSessionIdValid() &&
> globals.getHTTPServletRequest().getCookies()==null)
> {
> Session session = req.getSession(false);
> if (session != null) session.invalidate();
>
> HttpServletRequestWrapper wrappednRequest = new
> HttpServletRequestWrapperOwn(globals.getHTTPServletRequest());
>
> HttpServletResponseWrapper wrappedResponse = new
> HttpServletResponseWrapper(globals.getHTTPServletResponse())
> {
> public String encodeRedirectUrl(String url) {
> return url; }
> public String encodeRedirectURL(String url) {
> return url; }
> public String encodeUrl(String url) { return
> url; }
> public String encodeURL(String url) { return
> url; }
> };
> globals.storeServletRequestResponse(wrappednRequest,
> wrappedResponse);
> globals.storeRequestResponse(new
> RequestImpl(wrappednRequest), new
> ResponseImpl(wrappedResponse));
> }
> return false;
> }
> }
>
>
> //HttpServletRequestWrapperOwn
> public class HttpServletRequestWrapperOwn extends HttpServletRequestWrapper
> {
>
> public HttpServletRequestWrapperOwn(HttpServletRequest request) {
> super(request);
> }
>
> public String getRequestedSessionId(){
> return null;
> }
>
> }
>
>
>
> --
> View this message in context:
> http://www.nabble.com/T5%3A-what-part-of-tapestry-adds-Jsessionid-tp18385573p18385573.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Howard M. Lewis Ship
Creator Apache Tapestry and Apache HiveMind
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
