Try moving line 10 between lines 3 and 4, just before the call to chain.doFilter(...). Does it work before invoking the servlet?
In general, it's bad practice to create/modify session data after a servlet has completed or even after it has begun writing, especially if you use cookies for session tracking. This is because the [buffered] response could be flushed and the session cookie wouldn't be guaranteed a chance to be written as an HTTP response header. Hope that helps, -Eddie --- tek1 <[EMAIL PROTECTED]> wrote: > hello. > > in a filter, is it possible to cast the > ServletRequest to a > HttpServletRequest and retrieve the HttpSession > object, *if* the session > has never been created before? > > i tried the following: > > 1 public void doFilter(ServletRequest req, > ServletResponse res, > FilterChain chain) throws IOException, > ServletException { > 2 > 3 HttpServletRequest hreq = (HttpServletRequest)req; > 4 chain.doFilter(hreq,res); > 5 > 6 // if it's the client's first access, the below > returns false > 7 if( hreq.isRequestedSessionIdValid() ) { > 8 // ...not processed; go to else clause below... > 9 } else { > 10 String sid = hreq.getSession().getId(); > 11 } > 12 } > > the request hangs on line 10 (which is when a client > is accessing for the > *first time*). > > however, if the servlet (that receives the request > in "doFilter()") calls > request.getSession(), then the above filter is able > to retrieve the > HttpSession without a problem. > > is a filter prevented from creating a *new* > HttpSession object? > > most likely, i'll be calling the > request.getSession() in my servlet, so it > shouldn't be a problem, but i discovered this before > placing the > request.getSession() code in my servlet. > > thank you. > > > tomcat: 4.0.4 > os: windows2000 > jdk: 1.3.1_04 > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > __________________________________________________ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>