Cross Context Session in Tomact

["Bajolek, Maciej" <Ma...@sabre-holdings.com>]

Hi,

 

I know this problem was raised million times but so far I haven't found
any good solution for that.

Basically the problem is: how can webAppA share the session object with
webAppB. Both apps are deployed within the same instance of Tomact.

 

A simple example of how I want it to work is:

 

http://localhost/webappa/setSessionAttr.jsp   -> sets session "attr" to
"value"

http://localhost/webappa/getSessionAttr.jsp   -> gets session "attr" ...
and the attribute is set to "value"

 

I played with crossContext param, I played with SSO, I played with
Clustering ... still haven't got what I want.

 

The only solutions I can think of are:

1.	Implement custom SessionManager that stores/reads session
objects in some common repository e.g.: shared library (common
classloader)
2.	implement some listeners for all applications that will notify
each other when session is created/destroyed or attrs set/unset

 

Any other ideas?

 

Thanks

Maciek

Re: Cross Context Session in Tomact

[André Warnier <aw...@ice-sa.com>]

Christopher Schultz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Maciej,
> 
> Bajolek, Maciej wrote:
>> Basically the problem is: how can webAppA share the session object with
>> webAppB. Both apps are deployed within the same instance of Tomact.
> 
> The servlet specification (section 7.3) specifies that session scope is
> limited to a single web application, and specifically says that session
> objects (or their contents) must never be shared between applications.
> 
> Given this, I don't think Tomcat itself is going to help you out, here.
> 
>> A simple example of how I want it to work is:
>>
>> http://localhost/webappa/setSessionAttr.jsp   -> sets session "attr" to
>> "value"
>>
>> http://localhost/webappa/getSessionAttr.jsp   -> gets session "attr" ...
>> and the attribute is set to "value"
> 
> This ought to work without any problems. It's when you want:
> 
> http://localhost/webappb/getSessionAttr.jsp
> 
> ... to read the stuff set in webappa/setSessionAttr.jsp that it won't work.
> 
>> The only solutions I can think of are:
>>
>> 1.	Implement custom SessionManager that stores/reads session
>> objects in some common repository e.g.: shared library (common
>> classloader)
> 
> This would work, but is fraught with difficulty because you have to
> worry about releasing memory when you are finished with it.
> 
>> 2.	implement some listeners for all applications that will notify
>> each other when session is created/destroyed or attrs set/unset
> 
> This is similar to #2 because you still need to store everything somewhere.
> 
> This certainly is a tough problem. :(
> 
My grain of (Tomcat- and Java-level incompetent) salt :
Maybe you need to "step back" a bit from the idea of sharing session 
data directly at the Tomcat session level.  What is it really that you 
need to share in these two applications ? is it simply a user login, and 
maybe some linked user login level data ?  If yes, then maybe you could 
solve this at the application level by setting a cookie, with either the 
common data just stored in it or a key to some back-end store containing 
the data common to the two webapps.  Each application would then have to 
check for the (common) cookie, and if found retrieve the common data 
first of all; if not re-direct the call to a login page.  As long as 
both applications run on hosts within the same domain, that should not 
be a problem.
What I mean is that Tomcat has an embedded session mechanism which is 
nice and handy when you can use it, but in your case you cannot.  So 
maybe you have to think about how you would resolve this issue if this 
was not running under Tomcat in the first place.



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Cross Context Session in Tomact

[Christopher Schultz <ch...@christopherschultz.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Maciej,

Bajolek, Maciej wrote:
> Basically the problem is: how can webAppA share the session object with
> webAppB. Both apps are deployed within the same instance of Tomact.

The servlet specification (section 7.3) specifies that session scope is
limited to a single web application, and specifically says that session
objects (or their contents) must never be shared between applications.

Given this, I don't think Tomcat itself is going to help you out, here.

> A simple example of how I want it to work is:
> 
> http://localhost/webappa/setSessionAttr.jsp   -> sets session "attr" to
> "value"
> 
> http://localhost/webappa/getSessionAttr.jsp   -> gets session "attr" ...
> and the attribute is set to "value"

This ought to work without any problems. It's when you want:

http://localhost/webappb/getSessionAttr.jsp

... to read the stuff set in webappa/setSessionAttr.jsp that it won't work.

> The only solutions I can think of are:
> 
> 1.	Implement custom SessionManager that stores/reads session
> objects in some common repository e.g.: shared library (common
> classloader)

This would work, but is fraught with difficulty because you have to
worry about releasing memory when you are finished with it.

> 2.	implement some listeners for all applications that will notify
> each other when session is created/destroyed or attrs set/unset

This is similar to #2 because you still need to store everything somewhere.

This certainly is a tough problem. :(

- -chris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjqTe4ACgkQ9CaO5/Lv0PAQYgCffqAIwfn4EEDio+35VYVH6pIq
sWkAn1itFA4DgLR4fU4keDR/bcTwrKWF
=3hiT
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org