You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by ra...@ca.ibm.com on 2000/10/11 20:28:50 UTC
Null Sessions
Win 2000, Tomcat 3.1 jdk 1.3
I have been struggling with sessions for almost two weeks now.
I am trying to create session info in a central servlet and then redirect
the response to a page containing an applet. When loaded, the applet
tries to communicate with another servlet which requires the session
information created in the original servlet. However, a call to
request.getSession(false)
returns null. The same program works under WebSphere.
I have verified that the cookie is being accepted by the browser. And I
have composed
the sendRedirect() in two parts:
response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); //This line
response.setHeader("Location",
"http://localhost:8080/test/qtindex.html"); //and this one cobine to give
the sendRedirect() behaviour
as there was a reported bug in Tomcat.
So I will post the code with the hope that someone will try it out.
There are Two servlet classes one applet class and an html file...
Any help very much appreciated
This servlet does the auth and creates the initial session info that is
required in the next Servlet...
-------------------------------------------
//TestServlet .java
import java.util.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
/**
* Insert the type's description here.
* Creation date: (10-10-00 21:10:22)
* @author: Administrator
*/
public class TestServlet extends HttpServlet {
/**
* This simple method allows everyone...
*/
private static boolean allowUser(HttpServletRequest request) {
return true; //Trust Everyone
}
/**
* service method comment.
*/
public void service(HttpServletRequest request, HttpServletResponse
response) throws ServletException, IOException {
try {
if (!allowUser(request)) {
//Not allowed - Report it...
response.setHeader("WWW-Authenticate", "BASIC realm=\"SECURE
REALM\"");
response.sendError(response.SC_UNAUTHORIZED);
} else {
HttpSession session = request.getSession(true);
// get authenticated user
String userName = request.getRemoteUser(); //This returns
NULL as well...
java.security.Principal userName2 =
request.getUserPrincipal(); //But this works...
String user = userName2.getName();
if (session.getValue("session.status") == null) {
session.putValue("session.userName", user);
session.putValue("session.status", "ok");
}
response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); //This line
//conditional logic to redirect to dynamically selected
apps...
response.setHeader("Location",
"http://localhost:8080/test/qtindex.html"); //and this one cobine to give
the sendRedirect() behaviour
}
} catch (IOException e) {
//
e.printStackTrace();
}
// Just return something...
PrintWriter pw = response.getWriter();
pw.println("<HTML></HTML>");
pw.close();
}
}
This servlet is called by the applet to return session info created
above...
----------------------------
//AppletServlet.java
import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
/**
* Insert the type's description here.
* Creation date: (10-10-00 22:06:22)
* @author: Administrator
*/
public class AppletServlet extends HttpServlet {
/**
* This service method is "called" from the applet...
*/
public void service(HttpServletRequest request, HttpServletResponse
response) throws ServletException, IOException {
// Return something the applet can understand...
response.setContentType("text/plain");
PrintWriter pw = response.getWriter();
pw.println("Response from AppletServlet:");
pw.println();
// Get existing session
HttpSession session = request.getSession(false);
if (session != null) {
pw.println("SESSION !");
pw.println("sessionId="+session.getId());
pw.println("session.status="+session.getValue("session.status"));
pw.println("session.userName="+session.getValue
("session.userName"));
} else {
pw.println("NO SESSION !");
}
pw.close();
}
}
Finally the applet code...
-------------------------------------
//TestApplet.java
import java.io.*;
import java.applet.*;
import java.awt.*;
/**
* Insert the type's description here.
* Creation date: (10-10-00 22:19:42)
* @author: Administrator
*/
public class TestApplet extends Applet {
TextArea text;
Button connect;
/**
* There is only one button in the applet.
* This code is executed when it is pressed
*/
public boolean action(Event evt, Object what) {
try {
URL url = new URL(getDocumentBase(), "/test/AppletServlet");
// Open a connection against the AppletServlet
// Browser should handle cookies
URLConnection conn = url.openConnection();
InputStream is = conn.getInputStream();
BufferedReader br = new BufferedReader(new
InputStreamReader(is));
String line;
StringBuffer buffer = new StringBuffer();
while ((line = br.readLine()) != null) {
buffer.append(line);
buffer.append('\n');
}
text.setText(buffer.toString());
}
catch (Exception e) {
StringWriter sw = new StringWriter();
PrintWriter pw = new PrintWriter(sw);
e.printStackTrace(pw);
pw.flush();
text.setText(sw.toString());
}
return true;
}
/**
* Initializes the applet.
*/
public void init() {
setLayout(new BorderLayout());
text = new TextArea("", 25, 40, TextArea.SCROLLBARS_BOTH);
text.setEditable(false);
text.setFont(new Font("monospaced", Font.PLAIN, 12));
add(text, BorderLayout.CENTER);
connect = new Button("Connect");
add(connect, BorderLayout.SOUTH);
}
}
You'll need this as well...
------------------------------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Page containing applet</TITLE>
<META NAME="Generator" CONTENT="EditPlus 2.01b">
<META NAME="Author" CONTENT="Raimee">
</HEAD>
<BODY BGCOLOR="#FFFFFF">
<p>
<A HREF="TestApplet.java">Source code for TestApplet</A>
<p>
<APPLET CODE="TestApplet.class" WIDTH="300" HEIGHT="300">
</APPLET>
</BODY>
</HTML>