"David M. Rosner" wrote:
> Hello All,
>
> As a developer using Tomcat, is there anyway to override or add logic to
> parts of Tomcat's session tracking/setting mechanisms? Or do I need to get
> my hands on the source code, make changes, and then recompile?
>
> Basically I want to add my own session tracking ALONG with Tomcat's so that
> my network load balancer can use the values to create sticky sessions.
>
> Thanks
Hi :-) I am not sure, I suggest you read the following:
On Mon, 14 May 2001, Mihai Popoaei wrote:
> Hello,
>
> How can I have the same session for many web sites?
>
> By default, for the first request tomcat creates a implicit session and
> sends a cookie with domain=servername. What I wanna do is setting this
> cookie for domain=partian domain name (like .kiki.ro) (that means this
> cookie will come back for all the hosts ending with .kiki.ro and I'll have
> the same session for all the sites :)). I think I have to say that I use
> the same application context for all this sites...
>
> Another problem is using the same session between applications... I know
> it is not conform the sun specifications (... HttpSession objects must be
> scoped at the application / servlet context level. The underlying
> mechanism, such as the cookie used to establish the session, can be shared
> between contexts, but the object exposed, and more importantly the
> attributes in that object, must not be shared between contexts. ...),
> but there must be a way to do that...
>
...
You are perfectly free to "roll your own" session implementation that
meets your needs (cross-host and cross-webapp). However, the standard
APis don't support these uses, so this will definitely be an application
specific (and probably Tomcat-specific) approach.
When you try this, you'll discover that having a cookie recognized
correctly is the least of your problems. You'll also need to ensure that
all of the classes are loaded from a shared class loader -- classes that
are loaded from one web-app's /WEB-INF/classes or /WEB-INF/lib directory
are not visible to any other web-app.
> thx,
> --
> :], Mihai P.
>
Craig
...
As long as you know this is not standard :-), you will have to make some
changes to the session interceptor or create a new one.
In 3.3, the code is in modules.session.SessionId, you should probably
create a new module, add an option and code that supports what you
need, and maybe publish the changes for others :-)
I don't think this can be commited in jakarta-tomcat, as it is not
standard and it's not a required feature, but it would be nice to have it
somewhere.
Costin
Bo
May.16, 2001
