Yep I tried that, but when I converted a working stripping servletfilter to a
requestfiler, I have to deal with tapestry's request and response in
addition to sevlet.HttpServletRequest and servlet.httpServletRepsonse.
Although I override both (Response and HttpServletResponse, since I guess
some code uses Response while some use HttpServletResponse) still no luck.
My code (almost an exact copy of the servlet filter I had ealier, but with
overwriting the Tapestry-reponse as well) is:
public boolean service(Request request, Response response, RequestHandler
handler)
throws IOException {
if (request.isRequestedSessionIdValid() &&
_globals.getHTTPServletRequest().getCookies()==null)
{
Session session = request.getSession(false);
if (session != null) session.invalidate();
// wrap response to remove URL encoding
HttpServletResponse httpResponse =
_globals.getHTTPServletResponse();
HttpServletResponseWrapper wrappedResponse = new
HttpServletResponseWrapper(httpResponse)
{
@Override
public String encodeRedirectUrl(String url) {
return url; }
@Override
public String encodeRedirectURL(String url) {
return url; }
@Override
public String encodeUrl(String url) { return
url; }
@Override
public String encodeURL(String url) { return
url; }
};
response = new ResponseImpl(wrappedResponse);
_globals.storeServletRequestResponse(_globals.getHTTPServletRequest(),
wrappedResponse);
_globals.storeRequestResponse(request, response);
}
return handler.service(request, response);
}
But still JSessionId in the results. (although actionlinks take a cycle more
to pick up the JSessionID than without the filter)
Anyone?
Robert Zeigler wrote:
>
> Just turn your ServletFilter into a RequestFilter.
> You can use ApplicationStateManager in RequestFilters now.
> (See, for example:
> http://code.google.com/p/tapestry5-cayenne/source/browse/trunk/tapestry5-cayenne-server/src/main/java/com/googlecode/tapestry5cayenne/services/CayenneRequestFilter.java)
>
> Robert
>
> On Jul 10, 2008, at 7/1012:30 PM , Britske wrote:
>
>>
>> yeah I realize that JSessionId is there for the session, but I want
>> to build
>> functionality into a dispatcher that strips this jsessionid from the
>> request
>> if a user is not logged in (logged in in my app means that a User-
>> instance
>> exists in the ASM) and if the user has cookies disabled.
>>
>> The rationale is
>> that I don't want search-engines to see the JSessionid, but I want
>> to enable
>> users without cookies to login and track their settings using
>> JSessionID in
>> the url.
>> Since search-engines don't login these 2 groups are nice mutually
>> exclusive
>> and so it's a clean cut when to strip the JSessionid and when not.
>>
>> Except that I'm still not sure how to do it.
>> Wrapping the request and response in a handler (before Tapestry
>> comes in
>> action) and stripping it like that works, but doing it almost
>> exactly the
>> same in a dispather doesn't .
>>
>> That's why I think it has to do with some internal tapestry
>> processing.
>> Do you have an idea where to look?
>>
>>
>> Howard Lewis Ship wrote:
>>>
>>> All the jsessionid functionality is provided by the servlet
>>> container,
>>> not by Tapestry. And it does exactly what you are suggesting ...
>>> except that its not about the user being logged in, its about the
>>> user
>>> have a session.
>>>
>>> On Thu, Jul 10, 2008 at 8:52 AM, Britske <[EMAIL PROTECTED]> wrote:
>>>>
>>>> partially related to a post I send a couple of days ago, but
>>>> perhaps this
>>>> explains better what I'm trying to do.
>>>>
>>>> I'm trying to strip the jSessionId from displaying in the url if:
>>>> 1. user doesn't have cookies (otherwise it won't display anyway)
>>>> 2. user is not logged in.
>>>>
>>>> I wanted to implement this as a filter, but I have to go with a
>>>> dispather
>>>> since to see if a user is logged in I need to have access to the
>>>> ASM,
>>>> which
>>>> I can't get to in a filter.
>>>>
>>>>
>>>> Now somewhere in between all the HttpSevletRequest to
>>>> tapestry.request
>>>> comversion, etc. tapestry decides to take over the JSessionId
>>>> provided by
>>>> the HttpServletRequest. I want to intercept this call somehow and
>>>> strip
>>>> the
>>>> JSessionId from the request.
>>>>
>>>> I implemented a Dispatcher (the last in the line before onActivate
>>>> is
>>>> called) and basically wrapped (subclassed) HttpServletRequest and
>>>> HttpServletResponse to return null for the sessionid and have
>>>> redirecturl
>>>> return url. My own HttpServlet get's called in the app (and
>>>> returns null
>>>> for
>>>> getrequestedSessionId()) This request is added as a constructor
>>>> param to
>>>> a
>>>> newly created tapestry.requestImpl which are both saved to
>>>> RequestGlobals. I
>>>> though that should do the trick
>>>>
>>>> not...
>>>> Apperantly somehow the jsessionid is picked up anyway although (when
>>>> expecting
>>>> requestglobals.getHttpServletRequest.getRequstedSessionId() in
>>>> page.onactivate() this correctly returns null).
>>>>
>>>> Anyone?
>>>> Thanks.
>>>>
>>>> my code:
>>>> //SessionStripController
>>>> public final class SessionStripController implements Dispatcher {
>>>> private ApplicationStateManager asm;
>>>> private RequestGlobals globals;
>>>>
>>>> public SessionStripController(ApplicationStateManager
>>>> asm,RequestGlobals
>>>> globals){
>>>> this.asm = asm;
>>>> this.globals = globals;
>>>> }
>>>>
>>>> public boolean dispatch(Request req, Response response) throws
>>>> IOException
>>>> {
>>>> if (req.isRequestedSessionIdValid() &&
>>>> globals.getHTTPServletRequest().getCookies()==null)
>>>> {
>>>> Session session = req.getSession(false);
>>>> if (session != null) session.invalidate();
>>>>
>>>> HttpServletRequestWrapper wrappednRequest =
>>>> new
>>>> HttpServletRequestWrapperOwn(globals.getHTTPServletRequest());
>>>>
>>>> HttpServletResponseWrapper
>>>> wrappedResponse =
>>>> new
>>>> HttpServletResponseWrapper(globals.getHTTPServletResponse())
>>>> {
>>>> public String encodeRedirectUrl(String
>>>> url) { return url; }
>>>> public String encodeRedirectURL(String
>>>> url) { return url; }
>>>> public String encodeUrl(String url) {
>>>> return url; }
>>>> public String encodeURL(String url) {
>>>> return url; }
>>>> };
>>>>
>>>> globals.storeServletRequestResponse(wrappednRequest,
>>>> wrappedResponse);
>>>> globals.storeRequestResponse(new
>>>> RequestImpl(wrappednRequest), new
>>>> ResponseImpl(wrappedResponse));
>>>> }
>>>> return false;
>>>> }
>>>> }
>>>>
>>>>
>>>> //HttpServletRequestWrapperOwn
>>>> public class HttpServletRequestWrapperOwn extends
>>>> HttpServletRequestWrapper
>>>> {
>>>>
>>>> public HttpServletRequestWrapperOwn(HttpServletRequest
>>>> request) {
>>>> super(request);
>>>> }
>>>>
>>>> public String getRequestedSessionId(){
>>>> return null;
>>>> }
>>>>
>>>> }
>>>>
>>>>
>>>>
>>>> --
>>>> View this message in context:
>>>> http://www.nabble.com/T5%3A-what-part-of-tapestry-adds-Jsessionid-tp18385573p18385573.html
>>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Howard M. Lewis Ship
>>>
>>> Creator Apache Tapestry and Apache HiveMind
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>
>>>
>>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/T5%3A-what-part-of-tapestry-adds-Jsessionid-tp18385573p18387981.html
>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/T5%3A-what-part-of-tapestry-adds-Jsessionid-tp18385573p18400033.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
