Re: What is allowed to do with a HttpServletRequest ?

2005-07-14 Thread Bill Barker 

"cristi" <[EMAIL PROTECTED]> wrote in message 
news:[EMAIL PROTECTED]
> Hello all
>
> I have a web application where I need to use in a second request the
> HttpServletRequest object sent to the same servelet in the first
> request.
>
> Here is what my servlet looks like :
>
> public void doGet( HttpServletRequest request, HttpServletResponse 
> response )
> {
> /*
> some code here detecting if this request
> is the first one. This code initializes
> isFirstRequest
> */
>
>if( isFirstRequest )
>{
> session.setAttribute( "FIRST_REQUEST_OBJECT", request );
> request.getRequestDispatcher("somepage.jsp").forward(request, response);
>}
>else
>{
> HttpServletRequest oreq = 
> (HttpServletRequest)session.getAttribute("FIRST_REQUEST_OBJECT");
> request.getRequestDispatcher("somepage.jsp").forward(oreq, response);
>}
>
> }
>
> It seems that it is not safe to do so. What can I do to handle this 
> situation ?
>

According to the spec (section 8.2 for those of you following along at home 
:), the only safe HttpServletRequest to pass is the one that was passed into 
the Servlet, or a child of HttpServletRequestWrapper that wraps the one that 
was passed into the Servlet.

Tomcat happens to be very lenient in inforcing this restriction among 
Servlet-Containers out there.  The other-guys would probably throw an 
exception straight away for attempting something like the above.

> Thx.
> Cristi 




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: What is allowed to do with a HttpServletRequest ?

2005-07-14 Thread Peter Crowther 
> From: cristi [mailto:[EMAIL PROTECTED] 
> I have a web application where I need to use in a second request the
> HttpServletRequest object sent to the same servelet in the first
> request.
[...]
>   session.setAttribute( "FIRST_REQUEST_OBJECT", request );

Unsafe.  Servlet containers may re-use request objects between
invocations.  Can't remember for sure, but I think Tomcat does so.  So
your second request object may be identical to your first request
object.

> It seems that it is not safe to do so. What can I do to 
> handle this situation ?

As Guillaume said: copy the state you need from the first request into
the session, rather than storing the entire request.

- Peter

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: What is allowed to do with a HttpServletRequest ?

2005-07-14 Thread Guillaume Lederrey 
The question is probably : "why do you need to refer to the first
request ?". Dont you need to actually refer to some state of the
request ? Could you extract that state from the request instead of
storing the full request ?

  Maybe I'm just asking a dumb question, but I have problem
understanding why you would need the whole request ...

On 7/14/05, cristi <[EMAIL PROTECTED]> wrote:
> Hello all
> 
> I have a web application where I need to use in a second request the
> HttpServletRequest object sent to the same servelet in the first
> request.
> 
> Here is what my servlet looks like :
> 
> public void doGet( HttpServletRequest request, HttpServletResponse response )
> {
>  /*
>  some code here detecting if this request
>  is the first one. This code initializes
>  isFirstRequest
>  */
> 
> if( isFirstRequest )
> {
> session.setAttribute( "FIRST_REQUEST_OBJECT", request );
> request.getRequestDispatcher("somepage.jsp").forward(request, 
> response);
> }
> else
> {
> HttpServletRequest oreq = 
> (HttpServletRequest)session.getAttribute("FIRST_REQUEST_OBJECT");
> request.getRequestDispatcher("somepage.jsp").forward(oreq, response);
> }
> 
> }
> 
> It seems that it is not safe to do so. What can I do to handle this situation 
> ?
> 
> Thx.
> Cristi
> 
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

What is allowed to do with a HttpServletRequest ?

2005-07-14 Thread cristi 

Hello all

I have a web application where I need to use in a second request the
HttpServletRequest object sent to the same servelet in the first
request.

Here is what my servlet looks like :

public void doGet( HttpServletRequest request, HttpServletResponse response )
{
/*
some code here detecting if this request
is the first one. This code initializes
isFirstRequest
*/

   if( isFirstRequest )
   {
session.setAttribute( "FIRST_REQUEST_OBJECT", request );
request.getRequestDispatcher("somepage.jsp").forward(request, response);
   }
   else
   {
HttpServletRequest oreq = 
(HttpServletRequest)session.getAttribute("FIRST_REQUEST_OBJECT");
request.getRequestDispatcher("somepage.jsp").forward(oreq, response);
   }

}

It seems that it is not safe to do so. What can I do to handle this situation ?

Thx.
Cristi


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]