Re: retrieving HttpSession in Filter?

Fri, 16 Aug 2002 22:49:25 -0700 

Try moving line 10 between lines 3 and 4, just before
the call to chain.doFilter(...).  Does it work before
invoking the servlet?

In general, it's bad practice to create/modify session
data after a servlet has completed or even after it
has begun writing, especially if you use cookies for
session tracking.  This is because the [buffered]
response could be flushed and the session cookie
wouldn't be guaranteed a chance to be written as an
HTTP response header.

Hope that helps,
-Eddie

--- tek1 <[EMAIL PROTECTED]> wrote:
> hello.
> 
> in a filter, is it possible to cast the
> ServletRequest to a 
> HttpServletRequest and retrieve the HttpSession
> object, *if* the session 
> has never been created before?
> 
> i tried the following:
> 
> 1  public void doFilter(ServletRequest req,
> ServletResponse res, 
> FilterChain chain) throws IOException,
> ServletException {
> 2
> 3     HttpServletRequest hreq = (HttpServletRequest)req;
> 4     chain.doFilter(hreq,res);
> 5
> 6     // if it's the client's first access, the below
> returns false
> 7     if( hreq.isRequestedSessionIdValid() ) {
> 8             // ...not processed; go to else clause below...
> 9     } else {
> 10            String sid = hreq.getSession().getId();
> 11    }
> 12 }
> 
> the request hangs on line 10 (which is when a client
> is accessing for the 
> *first time*).
> 
> however, if the servlet (that receives the request
> in "doFilter()") calls 
> request.getSession(), then the above filter is able
> to retrieve the 
> HttpSession without a problem.
> 
> is a filter prevented from creating a *new*
> HttpSession object?
> 
> most likely, i'll be calling the
> request.getSession() in my servlet, so it 
> shouldn't be a problem, but i discovered this before
> placing the 
> request.getSession() code in my servlet.
> 
> thank you.
> 
> 
> tomcat:       4.0.4
> os:           windows2000
> jdk:          1.3.1_04 
> 
> 
> --
> To unsubscribe, e-mail:  
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
> 


__________________________________________________
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to