You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by cristi <cr...@medialab.sissa.it> on 2005/07/14 17:09:08 UTC

What is allowed to do with a HttpServletRequest ?

Hello all

I have a web application where I need to use in a second request the
HttpServletRequest object sent to the same servelet in the first
request.

Here is what my servlet looks like :

public void doGet( HttpServletRequest request, HttpServletResponse response )
{
     /*
     some code here detecting if this request
     is the first one. This code initializes
     isFirstRequest
     */

    if( isFirstRequest )
    {
	session.setAttribute( "FIRST_REQUEST_OBJECT", request );
	request.getRequestDispatcher("somepage.jsp").forward(request, response);
    }
    else
    {
	HttpServletRequest oreq = (HttpServletRequest)session.getAttribute("FIRST_REQUEST_OBJECT");
	request.getRequestDispatcher("somepage.jsp").forward(oreq, response);
    }

}

It seems that it is not safe to do so. What can I do to handle this situation ?

Thx.
Cristi


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: What is allowed to do with a HttpServletRequest ?

Posted by Guillaume Lederrey <gu...@gmail.com>.

The question is probably : "why do you need to refer to the first
request ?". Dont you need to actually refer to some state of the
request ? Could you extract that state from the request instead of
storing the full request ?

  Maybe I'm just asking a dumb question, but I have problem
understanding why you would need the whole request ...

On 7/14/05, cristi <cr...@medialab.sissa.it> wrote:
> Hello all
> 
> I have a web application where I need to use in a second request the
> HttpServletRequest object sent to the same servelet in the first
> request.
> 
> Here is what my servlet looks like :
> 
> public void doGet( HttpServletRequest request, HttpServletResponse response )
> {
>      /*
>      some code here detecting if this request
>      is the first one. This code initializes
>      isFirstRequest
>      */
> 
>     if( isFirstRequest )
>     {
>         session.setAttribute( "FIRST_REQUEST_OBJECT", request );
>         request.getRequestDispatcher("somepage.jsp").forward(request, response);
>     }
>     else
>     {
>         HttpServletRequest oreq = (HttpServletRequest)session.getAttribute("FIRST_REQUEST_OBJECT");
>         request.getRequestDispatcher("somepage.jsp").forward(oreq, response);
>     }
> 
> }
> 
> It seems that it is not safe to do so. What can I do to handle this situation ?
> 
> Thx.
> Cristi
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
>

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: What is allowed to do with a HttpServletRequest ?

Posted by Bill Barker <wb...@wilshire.com>.

"cristi" <cr...@medialab.sissa.it> wrote in message 
news:42D68014.3080004@medialab.sissa.it...
> Hello all
>
> I have a web application where I need to use in a second request the
> HttpServletRequest object sent to the same servelet in the first
> request.
>
> Here is what my servlet looks like :
>
> public void doGet( HttpServletRequest request, HttpServletResponse 
> response )
> {
>     /*
>     some code here detecting if this request
>     is the first one. This code initializes
>     isFirstRequest
>     */
>
>    if( isFirstRequest )
>    {
> session.setAttribute( "FIRST_REQUEST_OBJECT", request );
> request.getRequestDispatcher("somepage.jsp").forward(request, response);
>    }
>    else
>    {
> HttpServletRequest oreq = 
> (HttpServletRequest)session.getAttribute("FIRST_REQUEST_OBJECT");
> request.getRequestDispatcher("somepage.jsp").forward(oreq, response);
>    }
>
> }
>
> It seems that it is not safe to do so. What can I do to handle this 
> situation ?
>

According to the spec (section 8.2 for those of you following along at home 
:), the only safe HttpServletRequest to pass is the one that was passed into 
the Servlet, or a child of HttpServletRequestWrapper that wraps the one that 
was passed into the Servlet.

Tomcat happens to be very lenient in inforcing this restriction among 
Servlet-Containers out there.  The other-guys would probably throw an 
exception straight away for attempting something like the above.

> Thx.
> Cristi 




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org