So you want encrypt the session id?
p On 15 Oct 2010, at 17:33, Juliano Daloia de Carvalho <judac2...@yahoo.com.br> wrote: > I need to change the value of the sessionID. If I let this to be done on the > servlet, tomcat won't be able to identify the real session, and will send a > redirect to login page. > > > > > ----- Mensagem original ---- > De: Pid <p...@pidster.com> > Para: Tomcat Users List <users@tomcat.apache.org> > Enviadas: Sexta-feira, 15 de Outubro de 2010 13:19:54 > Assunto: Re: Res: JSESSIONID Cookie handle customizing > > On 15/10/2010 17:02, Juliano Daloia de Carvalho wrote: >> I'll inject code using an agent. >> >> The thing is that I need to know for sure the message entering point on >> Tomcat, >> >> and the leaving point also, so I can be able to sniff if the clients message >> has >> >> the Cookie info with JSESSIONID= or not. and before sending to check if >> tomcat > >> sent set-cookie on header so I can make the change needed. > > Why? What does the code do that can't be done via a Servlet Filter? > > > p > > >> ----- Mensagem original ---- >> De: Pid <p...@pidster.com> >> Para: Tomcat Users List <users@tomcat.apache.org> >> Enviadas: Sexta-feira, 15 de Outubro de 2010 12:20:37 >> Assunto: Re: JSESSIONID Cookie handle customizing >> >> On 15/10/2010 15:15, Juliano Daloia de Carvalho wrote: >>> Hi Folks! >>> >>> I want to put some information on the JSESSIONID that tomcat >>> generates. >> >> >>> I'm using aspect programming so I donĀ“t need to change the tomcat code >>> itself. >> >> >> >> What information? >> >>> The >>> >>> thing is that I found many points where tomcat handle this information, I >>> checked and notice that the head parser is made on the method parseSessionId >>> and >>> >>> >>> parseSessionCookiesId in the class >> org.apache.catalina.connector.CoyoteAdapter. >>> >>> I'm not convinced that there is the perfect point to make my code injection. >> >> You are planning to inject code into the container, from a web application? >> >> >> p >> >>> I need to find out the exactly point that this information (Cookie >>> JSESSIONID=2222222222) is received by Tomcat and where tomcat sends this >>> information to the browser, in other words, the first contact with this >>> information >>> >>> when browser sends and the last contact before sending to browser. >>> >>> >>> Thanks. >>> >>> >>> Juliano >>> >>> >>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
