Re: Servlet HttpSession in webobjects?
Re: Servlet HttpSession in webobjects?
- Subject: Re: Servlet HttpSession in webobjects?
- From: netBrackets <email@hidden>
- Date: Wed, 13 Feb 2008 14:43:13 -0800
Is your intent that you need the
>other application's sessionid so that you can redirect users back to
>that app later and maintain their original session?
That's close. In my reply to the invoking J2EE app I need to send back the session ID I was sent from it, more as a security measure I believe than to maintain a user's original session, although that's probably a byproduct of the protocol.
To take it up another level, what ultimately I'm trying to do is drive a Facebook application (the otherJ2EEApplication in my example) using webobjects. Keep in mind also that I've just started, so I haven't fully investigated the protocol. Perhaps there is a way to configure facebook to send the sessionID in some other fashion, I'll have to do some more reading tonight. I was just hoping perhaps there was an easy way to get the sessionID sent from the app using the webobjects. I have a working j2ee facebook "hello world" program now, I was hoping to use webobjects in the same way without having to change anything on the facebook side.
And I do plan on printing out all the form variables I'm receiving currently, I just haven't gotten around to it yet.
Thanks,
Jeff
On Wednesday, February 13, 2008, at 07:32AM, "Mike Schrag" <email@hidden> wrote:
>Can we step back again and have you explain what you're trying to
>achieve, at a higher level than just this single session value? For
>instance, when you say "otherj2eeAppSession", do you actually mean
>session.getId() from the other app? Is your intent that you need the
>other application's sessionid so that you can redirect users back to
>that app later and maintain their original session? Is
>"otherj2eeAppSession" actually the sessionid of some THIRD j2ee app
>that you have to be able connect to? If you can explain one level up
>what it is you're attempting to do, we might be able to help more than
>than digging around in the details which might not be headed in the
>direction you think it is in the first place.
>
>ms
>
>On Feb 13, 2008, at 12:45 AM, Jeff Schmitz wrote:
>
>>> What you most likely want to do is call your DA and manually pass
>>> the session ID as a query parameter, for instance:
>>>
>> The trouble is, I have no control over this. The session ID gets
>> passed as it gets passed, nothing I can do about it I don't think
>> because it's not my app. I just give it the link, and it decides
>> how the session ID is passed. That being the case, looks like the
>> answer is I'm out of luck, right?
>>
>> Thanks,
>> Jeff
>>
>> On Feb 12, 2008, at 11:26 PM, Mike Schrag wrote:
>>
>>>>> It is going to be sending a session identifier. This is going
>>>>> to be either in the form values or in the HTTP headers.
>>>> I don't see it in the URL, so I'm guessing it must come over as a
>>>> form variable. If so, using my last e-mail as an example j2ee
>>>> equivalent of what I want to do, i.e.:
>>>>
>>>> String sessionKey = (String)
>>>> session.getAttribute("otherj2eeAppSession");
>>>>
>>>> should I be able to get it simply by doing:
>>>>
>>>> String sessionKey = (String)
>>>> this.request().formValueForKey("otherj2eeAppSession");
>>> 1) If you're calling session.getAttribute("otherj2eeAppSession") in
>>> your j2ee app to get this value, there's no way to get this value
>>> from your WO app. A session attribute is a key-value pair _inside_
>>> of an HttpSession, which you don't have (and cannot get without
>>> literally serializing the session and sending it over in some
>>> custom way).
>>>
>>> 2) The only thing you can possibly get is one of:
>>> 2a) a form parameter that you manually pass to your DA as a query
>>> string parameter
>>> 2b) a form parameter that you manually pass to your DA via a post
>>> parameter
>>> 2c) a cookie value provided both of your apps are on the same host
>>> and the cookie is configured at the root
>>>
>>> What you most likely want to do is call your DA and manually pass
>>> the session ID as a query parameter, for instance:
>>>
>>> http://yourhost.com/cgi-bin/WebObjects/YourApp.woa/wa/yourDirectAction?otherj2eeAppSession=xyz
>>>
>>> at which point, yes you could call
>>> request().stringFormValueForKey("otherj2eeAppSession") and get the
>>> value.
>>>
>>> ms
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Webobjects-dev mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>>
>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden