The problem is that the server needs to be the one generating the
session id for a number of reasons, i.e.: ensuring it is always unique
and set correctly, and its best left that way... so I think you're
walking down a dark alley and its not likely that the API would ever
allow this as it opens up untold security holes.
Furthermore, without using a URL or cookies to transport the id how do
you propose that the server should communicate it to an agent? ...not
sure if XML over HTTP / SOAP could potentially provide a solution, but
then again you have similar problems with proxies and firewalls etc. in
any event.
Good luck,
Peter
Tom van Wietmarschen wrote:
L.S.,
I was wondering if it is possible to write a custom method of
propagating the session ID between HTTP requests. Specifically: we want
to store the session id in a X-ourcompanyname-sessionid header (we use a
custom http client so we can modify that to send the sessionid back in a
header).
The reason for this is that we have to deal with clients that are using
mobile data connections, and mobile phone operators sometimes feel the
need to mess with a clients cookies and sessions as well as doing other
kinds of nasty things in their proxies. Non-standard headers are usually
left alone.
I've been looking at a way to do this but I can't find a solution,
filters seem to be too late in the chain: a request object is already
created and there is no way to even instantiate a session object from a
self-supplied session-id let alone replace the current session object in
the HttpRequest.
Does anyone known if there is a way to write my own handlers for
retrieving and setting the current sessionid and have tomcat use that
instead of looking at the requesturl or cookies ?
Sincerely,
Tom van Wietmarschen
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]