You are viewing a plain text version of this content. The canonical link for it is here.
Posted to pluto-dev@portals.apache.org by Nick Lothian <ni...@essential.com.au> on 2004/10/07 07:05:10 UTC
RE: Cross Context Sessions (was RE: Defining the release)
I'll try to write some (non portlet based) test cases, and attach them to
the report
> -----Original Message-----
> From: David H. DeWolf [mailto:ddewolf@apache.org]
> Sent: Thursday, 7 October 2004 2:36 PM
> To: pluto-dev@portals.apache.org
> Subject: Cross Context Sessions (was RE: Defining the release)
>
>
> I think we need to put together some more tests to verify,
> but I *think*
> that it may be possible to retrieve the session again from
> another INCLUDED
> resource which is also "shadowing" the originating session.
> If it's not the
> case now, since it doesn't require the writing of a cookie or
> url rewriting,
> we may be able to get Remy to add that fix. I guess that's a
> step in the
> right direction but it's still not good enough to meet the
> portlet spec.
>
> I wonder what the JSR-168 team's interpretation of this is?
> Obviously they
> had figured it could be implemented somehow since the portlet
> spec depends
> on it. Stephen, do you have any insight (or pull to help us
> get this pushed
> through)?
>
> Perhaps if some more of you comment on the bugzilla entry we
> can get some
> more visibility and they'll see that it's more than just one
> or two of us
> that need this functionality.
>
> David
>
> > -----Original Message-----
> > From: Nick Lothian [mailto:nick.lothian@essential.com.au]
> > Sent: Wednesday, October 06, 2004 11:55 PM
> > To: 'pluto-dev@portals.apache.org'
> > Subject: RE: Defining the release
> >
> >
> > That's how I read it.
> >
> > So if you put something in the session it is impossible for
> > you ever to
> > retrieve it, right?
> >
> > Nick
> >
> > > -----Original Message-----
> > > From: David H. DeWolf [mailto:ddewolf@apache.org]
> > > Sent: Thursday, 7 October 2004 2:20 PM
> > > To: pluto-dev@portals.apache.org
> > > Subject: RE: Defining the release
> > >
> > >
> > > Good Question.
> > >
> > > I think what he's saying is that tomcat's implementation
> > uses the same
> > > sessionId that the originating session uses and thus a cookie
> > > and/or url
> > > encoding isn't needed.
> > >
> > > The problem with this thinking is that a session is totally
> > > useless unless
> > > you can retrieve it during subsequent requests. If this is
> > > going to be
> > > their position, then there's no way to implement what we're
> > > talking about. .
> > > .grrrr!
> > >
> > > Anyone have any bright ideas?
> > >
> > > David
> > >
> > > > -----Original Message-----
> > > > From: Nick Lothian [mailto:nick.lothian@essential.com.au]
> > > > Sent: Wednesday, October 06, 2004 11:41 PM
> > > > To: 'pluto-dev@portals.apache.org'
> > > > Subject: RE: Defining the release
> > > >
> > > >
> > > >
> > > > I'm trying to understand Remy's latest comment on the Tomcat
> > > > bug causing
> > > > this: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4690
> > > >
> > > > He says: "The included session is merely a shadow of the
> > > > including session.
> > > > As a result,
> > > > it will not be handled as an actual session with an
> > > > independant cookie."
> > > >
> > > > What does that mean?
> > > >
> > > > Nick
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: David H. DeWolf [mailto:ddewolf@apache.org]
> > > > > Sent: Thursday, 7 October 2004 1:55 PM
> > > > > To: pluto-dev@portals.apache.org
> > > > > Subject: RE: Defining the release
> > > > >
> > > > >
> > > > > I tested this tonight and agree. I'd be shocked if pluto
> > > > > passed this part
> > > > > of the TCK test.
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Eric Dalquist [mailto:edalquist@unicon.net]
> > > > > > Sent: Wednesday, October 06, 2004 10:56 PM
> > > > > > To: pluto-dev@portals.apache.org
> > > > > > Subject: Re: Defining the release
> > > > > >
> > > > > >
> > > > > > Nick,
> > > > > > Thats what I was thinking, now I don't think
> this should
> > > > > > hinder the
> > > > > > upcoming release of pluto and I'm hoping it comes out soon
> > > > > > :-). I just
> > > > > > wanted to make sure that the release isn't advertised as
> > > > > > passing the TCK
> > > > > > tests when it doesn't.
> > > > > >
> > > > > > -Eric
> > > > > >
> > > > > > Nick Lothian wrote:
> > > > > >
> > > > > > >I'd be very surprised if they pass, since I was
> using Tomcat
> > > > > > 4 when I first
> > > > > > >came across the bug.
> > > > > > >
> > > > > > >See
> > > > > >
> >http://nagoya.apache.org/eyebrowse/ReadMsg?listName=pluto-dev
> > > > > > @portals.apache
> > > > > > >.org&msgNo=349
> > > > > > >
> > > > > > >Nick
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >>-----Original Message-----
> > > > > > >>From: Eric Dalquist [mailto:edalquist@unicon.net]
> > > > > > >>Sent: Thursday, 7 October 2004 1:16 AM
> > > > > > >>To: pluto-dev@portals.apache.org
> > > > > > >>Subject: Re: Defining the release
> > > > > > >>Importance: Low
> > > > > > >>
> > > > > > >>
> > > > > > >>Have these TCK tests been run with the latest version of
> > > > > pluto and
> > > > > > >>Tomcat 4? There was a recent post to bug 53
> > > > > > >>http://nagoya.apache.org/jira/browse/PLUTO-53 that
> > > stated they
> > > > > > >>portlet/servlet session sharing problem is being
> > observed on
> > > > > > >>Tomcat 4.1.29
> > > > > > >>
> > > > > > >>-Eric
> > > > > > >>
> > > > > > >>Michael Blum wrote:
> > > > > > >>
> > > > > > >>
> > > > > > >>
> > > > > > >>>Hello, sorry for being late. I think that David's
> > > > > conclusion makes
> > > > > > >>>sense! We should provide as an alternative package Pluto
> > > > > > >>>
> > > > > > >>>
> > > > > > >>with Tomcat
> > > > > > >>
> > > > > > >>
> > > > > > >>>4.x (27 or newer), when we are able to verify the
> > > > > > >>>
> > > > > > >>>
> > > > > > >>compatibility using
> > > > > > >>
> > > > > > >>
> > > > > > >>>TCK at Apache. This can be Pluto's Reference
> > > > > > Implementation package
> > > > > > >>>until we have fixes for Pluto with Tomcat 5.x .
> > > > > > >>>
> > > > > > >>>Michael
> > > > > > >>>
> > > > > > >>>David H. DeWolf wrote:
> > > > > > >>>
> > > > > > >>>
> > > > > > >>>
> > > > > > >>>>>When Pluto was donated to Apache last year it had
> > > > been tested
> > > > > > >>>>>thoroughly using the Portlet TCK, Version 1.0. This
> > > > > means it had
> > > > > > >>>>>passed all relevant tests successfully with JDK 1.3.1
> > > > > on Tomcat
> > > > > > >>>>>4.1.27. These TCK tests include many tests for
> > > > Portlet Session.
> > > > > > >>>>>
> > > > > > >>>>>
> > > > > > >>>>
> > > > > > >>>>I did not know that! If that's the case, then I'd
> > say that
> > > > > > >>>>
> > > > > > >>>>
> > > > > > >>the only
> > > > > > >>
> > > > > > >>
> > > > > > >>>>thing we
> > > > > > >>>>need to do before releasing is update the "binary"
> > > > > > distribution so
> > > > > > >>>>that it
> > > > > > >>>>ships with Tomcat 4.1.27 instead of Tomcat 5.x.
> > > > > > >>>>
> > > > > > >>>>David
> > > > > > >>>>
> > > > > > >>>>
> > > > > > >>>>
> > > > > > >>>>
> > > > > > >>>>
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
RE: Cross Context Sessions (was RE: Defining the release)
Posted by "David H. DeWolf" <dd...@apache.org>.
> Stephan wrote:
>
> I already pointed this out to Sun and they are working on
> this and get a
> clrearification in servlet 2.5.
> All I can say is that everyone in our EG, incl. Sun, Oracle,
> BEA and IBM
> read the servlet spec differently than what the tomcat group has
> implemented in tomcat.
Cool. Thanks! It's good to know we're not barking down the wrong tree!
David
Re: Cross Context Sessions (was RE: Defining the release)
Posted by Stefan Hepper <st...@apache.org>.
Nick Lothian wrote:
>I'll try to write some (non portlet based) test cases, and attach them to
>the report
>
>
>
Michael already abstracted the problem and added some servlets that
simulate the TCK test. in a similar defect for tomcat
>>-----Original Message-----
>>From: David H. DeWolf [mailto:ddewolf@apache.org]
>>Sent: Thursday, 7 October 2004 2:36 PM
>>To: pluto-dev@portals.apache.org
>>Subject: Cross Context Sessions (was RE: Defining the release)
>>
>>
>>I think we need to put together some more tests to verify,
>>but I *think*
>>that it may be possible to retrieve the session again from
>>another INCLUDED
>>resource which is also "shadowing" the originating session.
>>If it's not the
>>case now, since it doesn't require the writing of a cookie or
>>url rewriting,
>>we may be able to get Remy to add that fix. I guess that's a
>>step in the
>>right direction but it's still not good enough to meet the
>>portlet spec.
>>
>>I wonder what the JSR-168 team's interpretation of this is?
>>Obviously they
>>had figured it could be implemented somehow since the portlet
>>spec depends
>>on it. Stephen, do you have any insight (or pull to help us
>>get this pushed
>>through)?
>>
>>
>>
I already pointed this out to Sun and they are working on this and get a
clrearification in servlet 2.5.
All I can say is that everyone in our EG, incl. Sun, Oracle, BEA and IBM
read the servlet spec differently than what the tomcat group has
implemented in tomcat.
>>Perhaps if some more of you comment on the bugzilla entry we
>>can get some
>>more visibility and they'll see that it's more than just one
>>or two of us
>>that need this functionality.
>>
>>David
>>
>>
>>
That's always a good idea.
Stefan