|
don't understand with behaviour with tomcat session
Hi all,
I have got a web application(on tomcat server) in which clients have to be logged to enter. And I would like to create only new user's session if user's authentification is successful (login/password correct). So, normaly the number of users logged = number of tomcat's sessions. In my webapps, I use a 'AuthenticationFilter' which implement Filter java Class . When user fill his login and password and click button 'enter', I pass in function 'doFilter ' public class AuthenticationFilter implements Filter { public void init(FilterConfig config) throws ServletException {} public void doFilter(ServletRequest req, ServletResponse res,FilterChain chain) throws IOException, ServletException { HttpSession session = (HttpServletRequest)req).getSession(false); //session is null, ok no problem HttpServletRequest request = (HttpServletRequest)req; //by casting req to HttpServletRequest, a session is created, and I don't understand HttpSession session2 = request.getSession(false); //and now session2 is not null. } public void destroy() {} } I don't understand why when I do this : HttpServletRequest request = (HttpServletRequest)req; a new session is created, (I verified also in tomcat manager) Has anybody already dealed with this problem? I use eclipse too with wtp for debug. |
Re: don't understand with behaviour with tomcat session
Hi,
HttpServletRequest request = (HttpServletRequest) req; should not do any change to session. As you know, it is just a simple JAVA syntax casting the variable down the inheritance tree. So the problem may not happen ONLY in this filter. Will it be something happening on another thread in a servlet class that creates the session? To debug this case, I think the Tomcat Manager cannot reflect the actual case, because when you see the Tomcat Manager, the whole request already finishes. I suggest you to debug the code line by line. Then, you can see whether the session is created before and after your logic above. Harry On Apr 28, 3:21 pm, Nikko <M...@yahoo.fr> wrote: > Hi all, > I have got a web application(on tomcat server) in which clients have to > be logged to enter. And I would like to create only new user's session > if user's authentification is successful (login/password correct). So, > normaly the number of users logged = number of tomcat's sessions. > In my webapps, I use a 'AuthenticationFilter' which implement Filter > java Class . When user fill his login and password and click button > 'enter', I pass in function 'doFilter ' > > public class AuthenticationFilter implements Filter > { > public void init(FilterConfig config) throws ServletException {} > public void doFilter(ServletRequest req, ServletResponse > res,FilterChain chain) throws IOException, ServletException > { > HttpSession session = > (HttpServletRequest)req).getSession(false); > //session is null, ok no problem > HttpServletRequest request = (HttpServletRequest)req; > //by casting req to HttpServletRequest, a session is created, > and I don't understand > HttpSession session2 = request.getSession(false); > //and now session2 is not null. > } > > public void destroy() {} > > } > > I don't understand why when I do this : HttpServletRequest request > = (HttpServletRequest)req; > a new session is created, (I verified also in tomcat manager) > Has anybody already dealed with this problem? > I use eclipse too with wtp for debug. |
| All times are GMT. The time now is 06:19 PM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.