On Aug 23, 2013, at 1:25 PM, Nick Williams wrote:
> In the modifyHandshake method of your Configurator, you can call
> getUserProperties on the EndpointConfig argument. This returns a modifiable
> Map<String, Object> that you can add values to. After modifyHandshake returns
> and before onOpen is called, the values from that map are copied to the
> Session, and you can retrieve them by calling Session#getUserProperties().
> That's how I'm passing Cookie and HttpSession objects into my endpoints'
> onOpen methods. For example:
>
> public class MyConfigurator extends ServerEndpointConfig.Configurator {
> public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest
> request, HandshakeResponse response) {
>
> super.modifyHandshake(config, request, response);
> config.getUserProperties.put("httpSessionObject",
> request.getHttpSession());
> }
> }
>
> Then later:
>
> @OnOpen
> public void onOpen(Session session) {
>
> HttpSession httpSession = (HttpSession)
> session.getUserProperties().get("httpSessionObject");
> }
>
> It ain't pretty. IMO, it was a serious design flaw in the spec not to provide
> ways to get the HttpSession and Cookies from the Session object. Maybe I'll
> try to get on the EG for the next version. :-)
>
> N
>
> On Aug 23, 2013, at 1:01 PM, toddfas wrote:
>
>> Our existing web app has custom session management (does not use
>> JSESSIONID) and stores the session identifier in a cookie. The cookie is
>> marked httpOnly (and secure) so the client side Javascript opening the
>> websocket does not have access to it. I want to use this session identifier
>> in ServerEndPoint.onOpen to verify the user attempting to open the
>> Websocket connection and then be able to keep track of the user's context
>> as messages are received and sent over websocket.
>>
>> Thanks for any additional ideas on how to accomplish this.
>> Todd
>>
>>
>> On Fri, Aug 23, 2013 at 10:08 AM, Niki Dokovski <nick...@gmail.com> wrote:
>>
>>> On Fri, Aug 23, 2013 at 7:03 PM, toddfas <todd...@gmail.com> wrote:
>>>
>>>> Thanks very much for the quick response Niki!
>>>>
>>>> I went down the configurator path too, but then I could not find a way
>>>> to pass the cookie values into the ServerEndPoint.onOpen where I need
>>>> to use it. I tried passing it via session.getRequestParameterMap() but
>>>> that is a Collections.unmodifiableMap(). In my scenario the
>>>> session.getHttpSession() is NULL so I can't put it in there. I didn't
>>>> like the idea of putting it in ThreadLocal (unless I am guaranteed by
>>>> the spec that ServerEndPoint.onOpen is always called on the same
>>>> thread that processes the handshake).
>>>>
>>>> That was when I started thinking I must be missing something simple.
>>>> Any suggestions?
>>>>
>>>
>>> Well, onOpen is called after the handshake is finished. [WSC-4.4-1] It
>>> designates an established connection and that means you are already in the
>>> websocket world. I don;t see an easy way for doing this. Can you describe
>>> the use case in greater details. What problem do you solve by having access
>>> to the handshale request headers (incl cookies) in that phase?
>>>
>>>>
>>>> Thanks,
>>>> Todd
>>>>
>>>>
>>>> On Thu, Aug 22, 2013 at 10:12 PM, Niki Dokovski <nick...@gmail.com>
>>> wrote:
>>>>> On Fri, Aug 23, 2013 at 2:58 AM, toddfas <todd...@gmail.com> wrote:
>>>>>
>>>>>> I'm trying to figure out how to get access to the cookies and headers
>>>>>> passed up in the Websocket handshake request on Tomcat 8.
>>>>>>
>>>>>> In Tomcat 7 the whole HttpServletRequest was passed into the
>>>>>> WebSocketServlet. createWebSocketInbound method so it was easy to grab
>>>>>> from the request headers. In Tomcat 8 the querystring and URI are both
>>>>>> exposed by the javax.websocket.Session passed to
>>>>>> ServerEndPoint.onOpen, but I don't see a mechanism for getting the
>>>>>> cookies or headers.
>>>>>>
>>>>>
>>>>> You can supply an extension of
>>>>>
>>>>
>>> http://docs.oracle.com/javaee/7/api/javax/websocket/server/ServerEndpointConfig.Configurator.html
>>>>> and get
>>>>>
>>>>
>>> http://docs.oracle.com/javaee/7/api/javax/websocket/server/HandshakeRequest.html
>>>>> through
>>>>> modifyHandshake invoked by the container during processing of client
>>>> 'GET'
>>>>> handshake message. Handshake request containes methods for inspecting
>>> the
>>>>> http request parameters and headers.
>>>>>
>>>>>
>>>>>
>>>>>> We are integrating Websocket connections into an existing web app and
>>>>>> want to use the cookies set by our web app in the Websocket connection
>>>>>> process.
>>>>>>
>>>>>> Thanks for any insight.
>>>>>> Todd
I'm sorry I top-posted! Didn't mean to. :-)
Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
