HTTP Session problems
Hi, We have a project that is using a single servlet to handle web based requests / responses for every connection to the web site we have a session bean and a http session that gets created. The problem we are experiencing is that when the servlet is destroyed only one session bean is removed from orion. This is always the last user of the site. The rest of our sessions get passivated and we are unable to get these back. Ideally we would like to remove all of the sessions that are created but we have been unable to do so. We have tried to implement the HTTP Binding listener interface to the remote interface of the session bean but the setAttribute method on the http session does not seem to call the valueBound() method of the interface. Any help would be appreciated. Thanks Steven Lamb ISA Developer http://www.isa.net.au
RE: https second session problems...
This makes sense if you think about it since the secure server and the non-secure server are different web-apps. I got around this problem by adding shared='true' to the web-app tag for both web-apps. Now sessions and context information is the same and no more problem. Now -- I'm not sure that this is the right solution, but it makes sense and it works in this limited case. -Original Message- From: Geoff Marshall [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 06, 2001 9:30 AM To: Orion-Interest Subject: https second session problems... First, a thank-you to Jay Armstrong for his SimplePortTester. Indeed, Apache had port 443 locked up even though I thought I had stopped Apache. Here's the problem of the day: I'm only using JSP and Beans. It seems when I switch between http and https, Orion crreates a 'second session'. I have inserted a System.err.println in EVERY method of my SessionBean which has a single boolean property: loggedOn. My comments (//) // run orion [root@daphne orion]# Orion/1.4.5 initialized // with browser hit my index page in http // index page instantiates two DataAccess objects, and // one SessionBean with session scope DataAccess.DataAccess() - constructing... DataAccess.DataAccess() - constructing... SessionBean.SessionBean() - constructing... SessionBean.getCustId() - SessionBean.isLoggedOn() - false // fill out log-on form on index page and log on (re-submits page as https) DataAccess.DataAccess() - constructing... DataAccess.DataAccess() - constructing... SessionBean.SessionBean() - constructing... // ...there you have it, all three session // beans are being instantiated again!!! // EVEN THOUGH my JSESSIONID does not change // (looked at it in my brower) SessionBean.getCustId() - SessionBean.setCustId() - SessionBean.logOn() - // cust now logged on in https // still there on next https page. SessionBean.isLoggedOn() - true SessionBean.getCustId() - 2 // switch to http page, and cust is gone. SessionBean.isLoggedOn() - false // back to https and cust is there again. SessionBean.isLoggedOn() - true SessionBean.getCustId() - 2 SessionBean.isLoggedOn() - false SessionBean.getCustId() - 2 Is this a bug or a feature? If it's a bug or a feature, is there a work-around? It makes no sense to me why you would want to create a second 'session'. -- -Geoff Marshall, Director of Development ... t e r r a s c o p e (415) 951-4944 54 Mint Street, Suite 110 direct (415) 625-0349 San Francisco, CA 94103 fax (415) 625-0306 ...
Re: https second session problems...
Oops, I missed it in my last post... I got the same problem. What I did (and it worked, even as it seems that it shouldn't) was to store a session reference in the application context in the last non-secure page, and then retrieve it in the first secure page. Every object that was store in the session was retrieved. It's been working fine for over a month. Only be sure that you use a unique identifier to store it, and to remove the reference after you use it. It's not as clean as I wish it to be, but works... Final Note: I have the shared=true tag set, it suppose that Sessions are shared too, but they're not. Tuesday, March 06, 2001, 1:30:18 PM, you wrote: GM> First, a thank-you to Jay Armstrong for his SimplePortTester. Indeed, GM> Apache had port 443 locked up even though I thought I had stopped Apache. GM> Here's the problem of the day: GM> I'm only using JSP and Beans. It seems when I switch between http and https, GM> Orion crreates a 'second session'. I have inserted a System.err.println in GM> EVERY method of my SessionBean which has a single boolean property: GM> loggedOn. My comments (//) GM> Is this a bug or a feature? If it's a bug or a feature, is there a GM> work-around? It makes no sense to me why you would want to create a second GM> 'session'. -- Best regards, Rafaelmailto:[EMAIL PROTECTED]
https second session problems...
First, a thank-you to Jay Armstrong for his SimplePortTester. Indeed, Apache had port 443 locked up even though I thought I had stopped Apache. Here's the problem of the day: I'm only using JSP and Beans. It seems when I switch between http and https, Orion crreates a 'second session'. I have inserted a System.err.println in EVERY method of my SessionBean which has a single boolean property: loggedOn. My comments (//) // run orion [root@daphne orion]# Orion/1.4.5 initialized // with browser hit my index page in http // index page instantiates two DataAccess objects, and // one SessionBean with session scope DataAccess.DataAccess() - constructing... DataAccess.DataAccess() - constructing... SessionBean.SessionBean() - constructing... SessionBean.getCustId() - SessionBean.isLoggedOn() - false // fill out log-on form on index page and log on (re-submits page as https) DataAccess.DataAccess() - constructing... DataAccess.DataAccess() - constructing... SessionBean.SessionBean() - constructing... // ...there you have it, all three session // beans are being instantiated again!!! // EVEN THOUGH my JSESSIONID does not change // (looked at it in my brower) SessionBean.getCustId() - SessionBean.setCustId() - SessionBean.logOn() - // cust now logged on in https // still there on next https page. SessionBean.isLoggedOn() - true SessionBean.getCustId() - 2 // switch to http page, and cust is gone. SessionBean.isLoggedOn() - false // back to https and cust is there again. SessionBean.isLoggedOn() - true SessionBean.getCustId() - 2 SessionBean.isLoggedOn() - false SessionBean.getCustId() - 2 Is this a bug or a feature? If it's a bug or a feature, is there a work-around? It makes no sense to me why you would want to create a second 'session'. -- -Geoff Marshall, Director of Development ... t e r r a s c o p e (415) 951-4944 54 Mint Street, Suite 110 direct (415) 625-0349 San Francisco, CA 94103 fax (415) 625-0306 ...
Session problems.
Hi everyone.
I've been having some trouble with HTTP sessions...
if I invalidate a session, and then re-request a page (JSP, servlet)... or just
re-call getSession(), the same ID is used. The session is invalidated
because all of the data is lost, however I don't think that when the client
requests the same session ID, a new session should be assigned that same
ID. This code snippet (JSP) demonstrates the problem:
<%out.println("Initial ID: " +
session.getId() +
"");session.putValue("test","test");out.println("Test data: "
+ session.getValue("test") + "");session.invalidate();session
= request.getSession();out.println("New ID: " + session.getId() +
"");out.println("Test data: " + session.getValue("test") +
"");%>
I've talked to one other person about this problem
already, and he claims that it doesn't appear on his machine.
Anyone have any ideas why it's happening?!
Another problem: when I access pages on my local
machine with MSIE, session information seems to be stored fine... however, in
the servlet, although a call to isRequestedSessionIdFromCookie() confirms that a
cookie is being used, the cookie is nowhere to be found in the Cookie array
returned by getCookies(). It works normally from Netscape. Again,
any ideas?
stefan tryggvason
