On Aug 23, 2013, at 1:25 PM, Nick Williams wrote: > In the modifyHandshake method of your Configurator, you can call > getUserProperties on the EndpointConfig argument. This returns a modifiable > Map<String, Object> that you can add values to. After modifyHandshake returns > and before onOpen is called, the values from that map are copied to the > Session, and you can retrieve them by calling Session#getUserProperties(). > That's how I'm passing Cookie and HttpSession objects into my endpoints' > onOpen methods. For example: > > public class MyConfigurator extends ServerEndpointConfig.Configurator { > public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest > request, HandshakeResponse response) { > > super.modifyHandshake(config, request, response); > config.getUserProperties.put("httpSessionObject", > request.getHttpSession()); > } > } > > Then later: > > @OnOpen > public void onOpen(Session session) { > > HttpSession httpSession = (HttpSession) > session.getUserProperties().get("httpSessionObject"); > } > > It ain't pretty. IMO, it was a serious design flaw in the spec not to provide > ways to get the HttpSession and Cookies from the Session object. Maybe I'll > try to get on the EG for the next version. :-) > > N > > On Aug 23, 2013, at 1:01 PM, toddfas wrote: > >> Our existing web app has custom session management (does not use >> JSESSIONID) and stores the session identifier in a cookie. The cookie is >> marked httpOnly (and secure) so the client side Javascript opening the >> websocket does not have access to it. I want to use this session identifier >> in ServerEndPoint.onOpen to verify the user attempting to open the >> Websocket connection and then be able to keep track of the user's context >> as messages are received and sent over websocket. >> >> Thanks for any additional ideas on how to accomplish this. >> Todd >> >> >> On Fri, Aug 23, 2013 at 10:08 AM, Niki Dokovski <nick...@gmail.com> wrote: >> >>> On Fri, Aug 23, 2013 at 7:03 PM, toddfas <todd...@gmail.com> wrote: >>> >>>> Thanks very much for the quick response Niki! >>>> >>>> I went down the configurator path too, but then I could not find a way >>>> to pass the cookie values into the ServerEndPoint.onOpen where I need >>>> to use it. I tried passing it via session.getRequestParameterMap() but >>>> that is a Collections.unmodifiableMap(). In my scenario the >>>> session.getHttpSession() is NULL so I can't put it in there. I didn't >>>> like the idea of putting it in ThreadLocal (unless I am guaranteed by >>>> the spec that ServerEndPoint.onOpen is always called on the same >>>> thread that processes the handshake). >>>> >>>> That was when I started thinking I must be missing something simple. >>>> Any suggestions? >>>> >>> >>> Well, onOpen is called after the handshake is finished. [WSC-4.4-1] It >>> designates an established connection and that means you are already in the >>> websocket world. I don;t see an easy way for doing this. Can you describe >>> the use case in greater details. What problem do you solve by having access >>> to the handshale request headers (incl cookies) in that phase? >>> >>>> >>>> Thanks, >>>> Todd >>>> >>>> >>>> On Thu, Aug 22, 2013 at 10:12 PM, Niki Dokovski <nick...@gmail.com> >>> wrote: >>>>> On Fri, Aug 23, 2013 at 2:58 AM, toddfas <todd...@gmail.com> wrote: >>>>> >>>>>> I'm trying to figure out how to get access to the cookies and headers >>>>>> passed up in the Websocket handshake request on Tomcat 8. >>>>>> >>>>>> In Tomcat 7 the whole HttpServletRequest was passed into the >>>>>> WebSocketServlet. createWebSocketInbound method so it was easy to grab >>>>>> from the request headers. In Tomcat 8 the querystring and URI are both >>>>>> exposed by the javax.websocket.Session passed to >>>>>> ServerEndPoint.onOpen, but I don't see a mechanism for getting the >>>>>> cookies or headers. >>>>>> >>>>> >>>>> You can supply an extension of >>>>> >>>> >>> http://docs.oracle.com/javaee/7/api/javax/websocket/server/ServerEndpointConfig.Configurator.html >>>>> and get >>>>> >>>> >>> http://docs.oracle.com/javaee/7/api/javax/websocket/server/HandshakeRequest.html >>>>> through >>>>> modifyHandshake invoked by the container during processing of client >>>> 'GET' >>>>> handshake message. Handshake request containes methods for inspecting >>> the >>>>> http request parameters and headers. >>>>> >>>>> >>>>> >>>>>> We are integrating Websocket connections into an existing web app and >>>>>> want to use the cookies set by our web app in the Websocket connection >>>>>> process. >>>>>> >>>>>> Thanks for any insight. >>>>>> Todd
I'm sorry I top-posted! Didn't mean to. :-) Nick --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org