On Fri, Aug 23, 2013 at 11:25 AM, Nick Williams <
nicho...@nicholaswilliams.net> wrote:
> In the modifyHandshake method of your Configurator, you can call
> getUserProperties on the EndpointConfig argument. This returns a modifiable
> Map<String, Object> that you can add values to. After modifyHandshake
> returns and before onOpen is called, the values from that map are copied to
> the Session, and you can retrieve them by calling
> Session#getUserProperties(). That's how I'm passing Cookie and HttpSession
> objects into my endpoints' onOpen methods. For example:
>
> public class MyConfigurator extends ServerEndpointConfig.Configurator {
> public void modifyHandshake(ServerEndpointConfig config,
> HandshakeRequest request, HandshakeResponse response) {
>
> super.modifyHandshake(config, request, response);
> config.getUserProperties.put("httpSessionObject",
> request.getHttpSession());
> }
> }
>
> Then later:
>
> @OnOpen
> public void onOpen(Session session) {
>
> HttpSession httpSession = (HttpSession)
> session.getUserProperties().get("httpSessionObject");
> }
>
> It ain't pretty. IMO, it was a serious design flaw in the spec not to
> provide ways to get the HttpSession and Cookies from the Session object.
> Maybe I'll try to get on the EG for the next version. :-)
>
> N
>
> On Aug 23, 2013, at 1:01 PM, toddfas wrote:
>
> > Our existing web app has custom session management (does not use
> > JSESSIONID) and stores the session identifier in a cookie. The cookie is
> > marked httpOnly (and secure) so the client side Javascript opening the
> > websocket does not have access to it. I want to use this session
> identifier
> > in ServerEndPoint.onOpen to verify the user attempting to open the
> > Websocket connection and then be able to keep track of the user's context
> > as messages are received and sent over websocket.
> >
> > Thanks for any additional ideas on how to accomplish this.
> > Todd
> >
> >
> > On Fri, Aug 23, 2013 at 10:08 AM, Niki Dokovski <nick...@gmail.com>
> wrote:
> >
> >> On Fri, Aug 23, 2013 at 7:03 PM, toddfas <todd...@gmail.com> wrote:
> >>
> >>> Thanks very much for the quick response Niki!
> >>>
> >>> I went down the configurator path too, but then I could not find a way
> >>> to pass the cookie values into the ServerEndPoint.onOpen where I need
> >>> to use it. I tried passing it via session.getRequestParameterMap() but
> >>> that is a Collections.unmodifiableMap(). In my scenario the
> >>> session.getHttpSession() is NULL so I can't put it in there. I didn't
> >>> like the idea of putting it in ThreadLocal (unless I am guaranteed by
> >>> the spec that ServerEndPoint.onOpen is always called on the same
> >>> thread that processes the handshake).
> >>>
> >>> That was when I started thinking I must be missing something simple.
> >>> Any suggestions?
> >>>
> >>
> >> Well, onOpen is called after the handshake is finished. [WSC-4.4-1] It
> >> designates an established connection and that means you are already in
> the
> >> websocket world. I don;t see an easy way for doing this. Can you
> describe
> >> the use case in greater details. What problem do you solve by having
> access
> >> to the handshale request headers (incl cookies) in that phase?
> >>
> >>>
> >>> Thanks,
> >>> Todd
> >>>
> >>>
> >>> On Thu, Aug 22, 2013 at 10:12 PM, Niki Dokovski <nick...@gmail.com>
> >> wrote:
> >>>> On Fri, Aug 23, 2013 at 2:58 AM, toddfas <todd...@gmail.com> wrote:
> >>>>
> >>>>> I'm trying to figure out how to get access to the cookies and headers
> >>>>> passed up in the Websocket handshake request on Tomcat 8.
> >>>>>
> >>>>> In Tomcat 7 the whole HttpServletRequest was passed into the
> >>>>> WebSocketServlet. createWebSocketInbound method so it was easy to
> grab
> >>>>> from the request headers. In Tomcat 8 the querystring and URI are
> both
> >>>>> exposed by the javax.websocket.Session passed to
> >>>>> ServerEndPoint.onOpen, but I don't see a mechanism for getting the
> >>>>> cookies or headers.
> >>>>>
> >>>>
> >>>> You can supply an extension of
> >>>>
> >>>
> >>
> http://docs.oracle.com/javaee/7/api/javax/websocket/server/ServerEndpointConfig.Configurator.html
> >>>> and get
> >>>>
> >>>
> >>
> http://docs.oracle.com/javaee/7/api/javax/websocket/server/HandshakeRequest.html
> >>>> through
> >>>> modifyHandshake invoked by the container during processing of client
> >>> 'GET'
> >>>> handshake message. Handshake request containes methods for inspecting
> >> the
> >>>> http request parameters and headers.
> >>>>
> >>>>
> >>>>
> >>>>> We are integrating Websocket connections into an existing web app and
> >>>>> want to use the cookies set by our web app in the Websocket
> connection
> >>>>> process.
> >>>>>
> >>>>> Thanks for any insight.
> >>>>> Todd
> >>>>>
> >>>>> ---------------------------------------------------------------------
> >>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >>>>> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>>>>
> >>>>>
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >>> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>>
> >>>
> >>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
This worked great Nick - thanks very much for the assistance! Yes, I agree
it is not the cleanest but glad there is a workable solution.
Appreciate the pointer.
Todd
