Hi ludovic! This is not needed anymore with OWB-1.6 where we store the stuff natively in the session.
Lucas, the main question is whether you use injection in servlets, servlet filters or servlet listeners. If you don’t have that then all you need to do is to add a few owb libs and add WebBeansConfigurationListener to your web.xml. Do you have something to share on github? Otherwise just continue to ask and we will guide you through. LieGrue, strub > Am 27.11.2015 um 14:36 schrieb [email protected]: > > On 27/11/2015 14:10, Romain Manni-Bucau wrote: >> Hi >> >> you can but not using owb-tomcat integration, just openwebbeans-web (+ its >> dependencies) should work. >> >> OWB is known to not work deterministicly with seam cause seam was relying on >> Weld implementation (ie was not respecting the spec). >> >> If you want to migrate (and not just try) you will probably need to go to >> deltaspike as well. > If you do not properly use openwebbeans-tomcat7, by putting it in tomcat/lib, > you will not have OwbSecurityFilter > (org.apache.webbeans.web.tomcat7.TomcatSecurityFilter) and so you will not > have protection against session fixation (see > https://en.wikipedia.org/wiki/Session_fixation ). > > You can get this kind of protection by other means, but you should IMHO pay > attention to this point. > > Ludovic > > | > | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT. > | >
