The JSESSIONID that is stored in the cookie is a session id generated by the servlet container for session tracking; I'm not sure the bindings to get the user credentials from that alone.
In the context of a dv plugin, there is another session attribute, userCredentials, that stores username and password for the current user. There is a code example of using this session attribute available here: http://arswiki.org/projects/dvpfw/browser/trunk/src/org/arswiki/dvplugin/util/Joarse.java#L61 There are two dv plugin examples on the arswiki site, but neither leverages the event infrastructure; it is on the todo list for the dvpfw project: http://arswiki.org/projects/dvpfw http://arswiki.org/projects/dvphw1 It seems that most mid-tier servlets extend GoatHttpServlet, which has the UserCredentials object available. An example of this is available in the browserstats app. This is basically a standalone servlet that does not use the dv plugin framework, but gets at the usercredentials object available in the session: http://arswiki.org/projects/browserstats/browser/trunk/java/src/org/arswiki/browserstats/StatsServlet.java#L118 These are just a few ways at getting to the user credentials from a servlet. I would advocate the use of a dv plugin for your task. For the browserstats app, I wanted a servlet I could send a request to asynchronous to the loading of the mid-tier page, which a dv plugin wouldn't help me with. This is why I took the approach I did in this case. Axton Grams On 5/14/07, dannian <[EMAIL PROTECTED]> wrote:
Hi Vipin, Axton, Carey, thanks for your replay. My current workaround is: Made the url link in marquee direct to a server side jsp, which redirect with EID parameter with a restricted read user and password, so the credential are stay behind net, and license overwrite warnings didn't show up again. But you see it's just a workaround, thought customers are happy enough to see text scrolling. It's great to know DVF hold user session, so I think DVF is worth to have a study further. I learned another cool thing, there are some events can be sent from DVF to MT and parent form, one usage is: EventDispatcher.sendEventToParent(evtType, evtData) So we can make a call back to let active link catch to ball. What I need now is: any DVF example in our community? In CIviewer package? Axton, I also understand that, password should be secure. In L.J. Head's Login.jsp Manipulation thread, you are studing get JSESSIONID using request.getCookies() in jsp, can I put them in the redirect jsp to let current use open a entry with those cookie? Regards, Danny "Carey Matthew Black" <[EMAIL PROTECTED]> 写入邮件 news:[EMAIL PROTECTED]> Danny, > > My best guess is that your solution can be found in the DVF framework. > ( You said your using v7.0.1 so it is an option to you.) > > The DVF is a lot like a "View field" in so much as it is a "iframe" > like object that leaves you with HTML being displayed. However is is > much more than a View field as it holds the users current "session" > for you. ( and provides standard ways to programmatically get at that > session.) > > However you really have not defined what your trying to do with the > session. So it could be that your really trying way to hard to solve > your problem too. > > Good luck > > > -- > Carey Matthew Black > Remedy Skilled Professional (RSP) > ARS = Action Request System(Remedy) > > Love, then teach > Solution = People + Process + Tools > Fast, Accurate, Cheap.... Pick two. > > > On 5/1/07, Danny Yan <[EMAIL PROTECTED]> wrote: > > ** Hi Listers, > > > > After read emails about ravelling message, I found the def files from > > community download, but any of the three forms refused to be import. (AR 701 > > w/o patches), the error message is "input buffer is null", after read the > > def file, I saw some French, such as Historique..., I guess it's the > > problem. Any ideas? > > > > So I just followed previous email explaining marquee, and fill the view > > field, it works to scroll with link, but the problem is: > > > > When the link( listed below) is clicked in browser, a new window is opened > > with login page. If I use the original support user to login, i.e. Sam > > Secoundlevel, but not Demo, there will be a error, saying "the user is > > already loged on from another machine" and failed to log on. I think maybe I > > should not use ViewFromSerlet action, it will generate a new session. How > > about open form and view directly? > > > > http://<web > > server>/arsys/servlet/ViewFormServlet?server=<ARServer>&username=<user>&pwd=<pwd>&form=SHR%3ABulletin&view=<viewname>&eie=$colBBEntryID$ > > > > -- > > Regards, > > > > Danny Yan > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"