Jeff Sheets wrote:
I just want to clarify one point of your post.

You're saying that all of the portlets in one war file, thus a part of
the same application, share the same session.  But it's not true that
each "portlet" has it's own session, just each portlet application
[war], right?
Correct.


At least that's how I understood it, but I just wanted to get some clarification from the experts :-)

-- Jeff Sheets


On Sat, 11 Dec 2004 10:13:17 +0100, Ate Douma <[EMAIL PROTECTED]> wrote:




Hema Menon wrote:

Hi,

How can a struts application deployed as a JSR 168 portlet in Jetspeed
1.6 with fusion get the user information and other session variables
in Jetspeed's context? In other words we have some jetspeed 1.5 which
are running under jetspeed 1.6 with fusion. We converted an existing
struts application to be deployed as a portlet in Jetspeed. We have
authentication done thru sybase and when the user logs in user
information and some other relevant information are added to the
session. These variables are available to all the portlets in
jetspeed. However when a struts portlet is added to jetspeed, the
context seems to be different even though it resides in the jetspeed
portal. The question is
1. Is it possible for the struts application to access the session
variables that are added on login?

Yes :-)


2. If it is how can it be done?

There are several factors at play here. First of all, cross-context restrictions. In contrast to other (non-JSR168) portlets, Jetspeed-2 (fusion) deploys its portlet applications as separate web applications and accesses them using the cross-context feature of Tomcat. According to the servlet specs, each web application *must* have its own session, so formally, access to cross-context session is not supported. But, there are two solutions to this problem I know of (if you find more I'd would like to know about it).

1) Use Tomcat 4
Tomcat 4 has the annoying bug in that it does *not* create separate sessions
for cross-context access. Normally, this is quite a security breach and one of
the reasons why I'm never going to use Tomcat 4 again.
But, it might be helpful in your situation. Then, you should have direct access
to your login variables.

2) Make use of (J2) org.apache.jetspeed.Jetspeed.getCurrentRequestContext().
That returns a RequestContext instance which gives you access to the session of 
the
portal (getSessionAttribute() and setSessionAttribute()).

Note: while the RequestContext is defined in the public (J2) jetspeed-api 
package,
the Jetspeed class is *not*. So, you will have to build against the J2 portal.
Furthermore, this is not (yet) a formal supported feature of Jetspeed-2: we (the
team) might conclude that this is too much of a security breach and close that
backdoor in the future. But, in that case I expect us to at least leave 
read-only
access in place as we rely on it ourselves for the J2 management portlets.

Good luck, Ate




Any inputs very much appreciated.

Thanks,
Hema




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Hema Menon

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]







---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Reply via email to