Hello again,Chuck Caldarale solved my configuration problem. I then created the code to solve the "shared session" manager problem. I created a test (see attached JAR file) with the solution code which I thought I would share with the Tomcat community in case someone else needs to solve this problem. (Or to compare with your own solution)
Here's the design: I created two classes: SharedSessionManager (SSM) and SharedSessionRequestValve (SSRV). The SSM class is a decorator that delegates most methods to a StandardManager object. The SSM keeps track of a mapping between a global ID (a hijacked session ID) and the container-created session object. The SSM.createSession method attempts to locate the global session; use that if it exists, otherwise delegate the creation to the standard manager. The SSM.findSession method also attempts to locate the global session; use that if it exists or delegate. All other methods delegate to the standard manager.
The global session is stored in SSM by the SSRV class. The SSRV.invoke method does the following: 1) If the GLOBALID cookie is set on the request, tell SSM to use this ID for the global session. 1.1) If the GLOBALID exists but the associated session is invalid, then destroy the GLOBALID (start over)
2) Pass the request to the next valve (ultimately to the webapp) 3) Retrieve the JSESSIONID from the response4) If there was no GLOBALID cookie on the request, then hijack the container-created JSESSIONID as the GLOBALID
4.1) Put the GLOBALID cookie (path=/) on the response4.2) Assign the container-created session to the GLOBALID within the SSM class
Both of these classes must reside in the $TOMCAT_HOME/server/ area; either as raw classes or in a JAR file. It appears, they cannot be put in the common/ or shared/ area.
The last piece of the puzzle is that you need to declare both of these classes in the $TOMCAT_HOME/conf/context.xml file.
That's it. Your webapps do not need any additional code or configuration to take advantage of this functionality. However, note that *every* webapp will now share session objects. It cannot be turned off for specific webapps.
The JAR attachment contains *all* of the necessary files and Ant build script. It also includes the content (JSP files that contain a form to create and display session attributes) to build two WAR files: session1.war and session2.war. The 'webapp' Ant target builds and deploys both the Tomcat-specific files as well as deploying the two webapps. You will need to modify the build.properties file to point to your instance of Tomcat.
To test this I executed the following HTTP requests: * http://localhost:8080/session1/ -- index page * http://localhost:8080/session1/dataForm.jsp Enter form fields: var1 and val1 * http://localhost:8080/session1/dataForm.jsp?attrName=var1&attrValue=val1This request returns to the form and displays the newly set session attributes.
Now go to the second webapp: * http://localhost:8080/session2/ -- index page of other webapps * http://localhost:8080/session2/dataForm.jsp Enter form fields: var2 and val2 * http://localhost:8080/session2/dataForm.jsp?attrName=var2&attrValue=val2Now this page displays both session attributes (var1 from webapp1 and var2 from webapp2).
Attached is the catalina.out log file for this interaction. BTW, I simply used System.out print statements rather than something like Log4J as I didn't want to tweak any additional Tomcat configuration or run scripts.
BTW, I tested this on JDK v1.5 and Tomcat v5.5.I hope that this is useful to a few of you. If you do take a look at the code and have some suggestions for improvement, please let me know.
Cheers, Bryan
Hello Tomcat users, I have a need that I believe Tomcat's pluggable session manager facility can satisfy, but I am having trouble getting it configured. BTW, I have googled and searched the mail archives on this topic and have not found anything useful yet. My application requires a modular architecture in which pluggable modules can be added a removed. We would like to use the web container's ability to deploy, undeploy, and redeploy WAR files as a means to install, uninstall, and upgrade the modules within our system. However, there is also a need to share session state between these modules which is not allowed in the servlet specification. I have researched a few solutions (such as using a Singleton in a common/lib/ package), but these solutions appear to require a non- trivial amount of infrastructure (and configuration of filters and/or session listeners) for every webapp. I would like to avoid all of that explicit infrastructure and hide the complexity by using a custom session manager. Before I proceed with my question, does anyone have any other suggestions for solving the above problem? OK, here is the test case that I am trying. I have created a very simple decorator which implements the org.apache.catalina.Manager interface. It simply delegates all calls to an instance of StandardManager and prints a message to System.out. Attached is the Tomcat config file that I am trying to use to configure my custom session manager. I am trying to use the <DefaultContext> tag to setup the manager on all webapps. Unfortunately, when I run a simple webapp (after restarting Tomcat, ofcourse) I am not seeing any output in any log file (nor to the console) frommy test manager. Is my configuration invalid? What am I missing? Sincere thanks, Bryan
-- *StillSecure* Bryan Basham Senior Software Engineer (UI Development) F 303.381.3881 C 303.917.4546 www.stillsecure.com <http://www.stillsecure.com> /The information transmitted is intended only for the person to whom it is addressed and may contain confidential material. Review or other use of this information by persons other than the intended recipient is prohibited. If you've received this in error, please contact the sender and delete from any computer. /
TestSharedSession.tar.gz
Description: GNU Zip compressed data
Jan 10, 2007 11:01:44 AM org.apache.catalina.core.AprLifecycleListener lifecycleEvent INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/local/jdk1.5.0_09/jre/lib/i386/client:/usr/local/jdk1.5.0_09/jre/lib/i386:/usr/local/jdk1.5.0_09/jre/../lib/i386 Jan 10, 2007 11:01:44 AM org.apache.coyote.http11.Http11BaseProtocol init INFO: Initializing Coyote HTTP/1.1 on http-8080 Jan 10, 2007 11:01:44 AM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 973 ms Jan 10, 2007 11:01:44 AM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Jan 10, 2007 11:01:44 AM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/5.5.20 Jan 10, 2007 11:01:44 AM org.apache.catalina.core.StandardHost start INFO: XML validation disabled Jan 10, 2007 11:01:45 AM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive session1.war Jan 10, 2007 11:01:45 AM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive session2.war Jan 10, 2007 11:01:45 AM org.apache.coyote.http11.Http11BaseProtocol start INFO: Starting Coyote HTTP/1.1 on http-8080 Jan 10, 2007 11:01:46 AM org.apache.jk.common.ChannelSocket init INFO: JK: ajp13 listening on /0.0.0.0:8009 Jan 10, 2007 11:01:46 AM org.apache.jk.server.JkMain start INFO: Jk running ID=0 time=0/24 config=null Jan 10, 2007 11:01:46 AM org.apache.catalina.storeconfig.StoreLoader load INFO: Find registry server-registry.xml at classpath resource Jan 10, 2007 11:01:46 AM org.apache.catalina.startup.Catalina start INFO: Server startup in 1964 ms com.example.tomcat.SharedSessionRequestValve[/session1] invoke() JSESSIONID is Cookie<name=JSESSIONID value=F0DB5A591DDB2827F1C99A37A4CD7A2D domain=null path=null maxAge=-1 comment=null> GLOBALID is Cookie<name=GLOBALID value=F0DB5A591DDB2827F1C99A37A4CD7A2D domain=null path=null maxAge=-1 comment=null> >>> Throwing out a bad global ID. [EMAIL PROTECTED] findSession( F0DB5A591DDB2827F1C99A37A4CD7A2D ) = null [EMAIL PROTECTED] createSession( null ) = StandardSession[37474D89951F5C03E6B83AABC8A0F91F] >>> Setting the GLOBALID to Cookie<name=GLOBALID >>> value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=/ maxAge=-1 >>> comment=null> >>> Associating globalID with StandardSession[37474D89951F5C03E6B83AABC8A0F91F] com.example.tomcat.SharedSessionRequestValve[/session1] invoke() JSESSIONID is Cookie<name=JSESSIONID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> GLOBALID is Cookie<name=GLOBALID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> >>> Passing global ID to session manager. [EMAIL PROTECTED] findSession( 37474D89951F5C03E6B83AABC8A0F91F ) = StandardSession[37474D89951F5C03E6B83AABC8A0F91F] com.example.tomcat.SharedSessionRequestValve[/session1] invoke() JSESSIONID is Cookie<name=JSESSIONID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> GLOBALID is Cookie<name=GLOBALID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> >>> Passing global ID to session manager. [EMAIL PROTECTED] findSession( 37474D89951F5C03E6B83AABC8A0F91F ) = StandardSession[37474D89951F5C03E6B83AABC8A0F91F] com.example.tomcat.SharedSessionRequestValve[/session1] invoke() JSESSIONID is Cookie<name=JSESSIONID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> GLOBALID is Cookie<name=GLOBALID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> >>> Passing global ID to session manager. [EMAIL PROTECTED] findSession( 37474D89951F5C03E6B83AABC8A0F91F ) = StandardSession[37474D89951F5C03E6B83AABC8A0F91F] com.example.tomcat.SharedSessionRequestValve[/session2] invoke() JSESSIONID is Cookie<name=JSESSIONID value=E4DAE6CF28E02B65718D34E20D970CFE domain=null path=null maxAge=-1 comment=null> GLOBALID is Cookie<name=GLOBALID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> >>> Passing global ID to session manager. [EMAIL PROTECTED] findSession( E4DAE6CF28E02B65718D34E20D970CFE ) = StandardSession[37474D89951F5C03E6B83AABC8A0F91F] com.example.tomcat.SharedSessionRequestValve[/session2] invoke() JSESSIONID is Cookie<name=JSESSIONID value=E4DAE6CF28E02B65718D34E20D970CFE domain=null path=null maxAge=-1 comment=null> GLOBALID is Cookie<name=GLOBALID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> >>> Passing global ID to session manager. [EMAIL PROTECTED] findSession( E4DAE6CF28E02B65718D34E20D970CFE ) = StandardSession[37474D89951F5C03E6B83AABC8A0F91F] com.example.tomcat.SharedSessionRequestValve[/session2] invoke() JSESSIONID is Cookie<name=JSESSIONID value=E4DAE6CF28E02B65718D34E20D970CFE domain=null path=null maxAge=-1 comment=null> GLOBALID is Cookie<name=GLOBALID value=37474D89951F5C03E6B83AABC8A0F91F domain=null path=null maxAge=-1 comment=null> >>> Passing global ID to session manager. [EMAIL PROTECTED] findSession( E4DAE6CF28E02B65718D34E20D970CFE ) = StandardSession[37474D89951F5C03E6B83AABC8A0F91F]
--------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]