|
midrange.com
Sorry it is not clear enough but it's such a strange behaviour and
rather difficult to describe. I'll try to clarify myself:
WAS level: WAS 3.5.6
The first HTML-page launches a login.class which is authenticated. This
forces WAS to send/request authentication info (when user isn't already
logged in through another application). The login.class also creates a
new HTTP-session in which I want to keep 'default-info'.
Next step should be the launch of the 'controller.servlet' which i tried
directly from the 'login.class'. 2 reason's why this
'controller.servlet' executes these statements:
session = req.getSession(true);
id = session.getId();
if (session.isNew())
...
1) Because the 'controller.servlet' needs the 'default-info'
(and that's the way to retrieve the session-info)
2) Because I can check if session is still valid
(ex. timeout occurred)
I don't know why 'session.isNew()' returns 'true' while one could see in
std-out that session-id is still the same... Stangly, when jsp1 is
launched first then it works!
So, this alway's works:
Html ==> Loginid ==> jsp1 ==> controller.servlet ==> jsp1 or jsp2
(depending on action)
This never works:
Html ==> Loginid ==> controller.servlet ==> jsp1 or jsp2 (depending on
action)
Problem:
When a user is authenticated before (ex. as guest for another
application), he could try to launch the application using URL (when he
knows it). When jsp1 is loaded first, het gets a screen to fill in
first and receives an error when executing controller.servlet
Otherwise, when controller.servlet is loaded first, he gets an error
immediatly.
Patrick Goovaerts
pgoovaerts@pandora.be
TEL: 0032-3-6472715
GSM:0498610325
-----Oorspronkelijk bericht-----
Van: java400-l-admin@midrange.com [mailto:java400-l-admin@midrange.com]
Namens Art Smet
Verzonden: maandag 5 augustus 2002 16:55
Aan: java400-l@midrange.com
Onderwerp: Re: HttpSession - problem
--
--
[ Picked text/plain from multipart/alternative ]
What WAS level?
When I read the description on how it should work, I see submit 'login.
class' creates a new 'session'. But in the problem description, after
submitting 'login.class', having a new 'session' is considered abnormal.
Can you clarify.
I've seen a similar authentication flow, but instead of a .forward( )
to the controller.class a SendRedirect was used, that may be one change
you can try to see if it helps.
Does your stdout/stderr show any evidence of errors, I'm suspecting
there may be an error that mentions 'anonymous' as part of the text.
|---------+---------------------------->
| | P. |
| | Goovaerts@Clipper|
| | .Be |
| | Sent by: java400-|
| | l-admin@midrange.|
| | com |
| | |
| | |
| | 08/05/02 04:15 AM|
| | Please respond to|
| | java400-l |
| | |
|---------+---------------------------->
>-----------------------------------------------------------------------
------------------------------------------------|
|
|
| To: web400@midrange.com, <java400-l@midrange.com>
|
| cc: java400-l@midrange.com, java400@midrange.com
|
| Subject: HttpSession - problem
|
|
|
|
|
>-----------------------------------------------------------------------
------------------------------------------------|
I hope one can help me with this tricky problem:
I have a WebApp which is running under 'Basic Authentication' and has
following objects:
- index.html
- login.class
- controller.class
- databean.class
- jsp1.jsp
- jsp2.jsp
- error.jsp
it should work as follows:
- index launched
- form submit 'login.class' with 2 parms: parm1, parm2
(value=controller.class)
- basic authentication is activated
(userid/password is asked and entered)
- create new 'session'
- gets default uservalues from AS400
- stores default uservalues in session
- redirects to parm2 (controller.class)
==> getServletConfig().
getServletContext().
getRequestDispatcher(controller.class).
forward(req, res);
- controller class loaded
- retrieves 'sessionvalues'
- detects which jsp to load
- loads jsp1.jsp
- jsp1.jsp loaded
- values changed
- loads controller.class
- controller class activated
- retrieves 'sessionvalues'
- detects which jsp to load
- updates databean.class
- loads jsp2.jsp
etc...
The controller's work is retrieving sessionvalues, updates beans, launch
jsp's. When session-timeout occurs, error.jsp is returned.
Problemdescription:
When I submit the 'login.class' with parm2=controller.class, the
'session' is considdered as 'new'??? I use the following to retrieve the
sessioninfo:
session = req.getSession(true);
id = session.getId();
if (session.isNew())
In normal situations, the session should get a 'false' on 'if
(session.isNew())' but it always returns 'true'. However, when I check
the sessionid, it is always the same!!!
When I change parm2 in 'jsp1.jsp', I do not get this strange
behaviour... The jsp is loaded, this form submits the controller which
detects the correct session (session.isNew() = false) and loads
jsp2.jsp.
Here's an extract of debugginginfo printerd to 'std_out'
where you can see that sessionid doesn't change...
--------------------------------------------------------
P4CGZHTYKSKYUEBFEKP3OAY ConnectionHolder(clipper): New ConnectionHolder
generated with :
P4CGZHTYKSKYUEBFEKP3OAY setAutoCommit=false
P4CGZHTYKSKYUEBFEKP3OAY setTransactionIsolation=1
P4CGZHTYKSKYUEBFEKP3OAY at :Mon Aug 05 10:41:03 GMT+02:00 2002
P4CGZHTYKSKYUEBFEKP3OAY*************************************************
*******************************
P4CGZHTYKSKYUEBFEKP3OAYSessioninformation at: SLoginUser_doGet
P4CGZHTYKSKYUEBFEKP3OAY Parameter Information
P4CGZHTYKSKYUEBFEKP3OAY Parm company: R
P4CGZHTYKSKYUEBFEKP3OAY Parm program: FQController
P4CGZHTYKSKYUEBFEKP3OAY Server Information
P4CGZHTYKSKYUEBFEKP3OAY req.getServerName() : "10.0.0.161"
P4CGZHTYKSKYUEBFEKP3OAY req.getServerPort() : "2032"
P4CGZHTYKSKYUEBFEKP3OAY req.getRemoteUser() : "pgo"
P4CGZHTYKSKYUEBFEKP3OAY req.getAuthType() : "Basic"
P4CGZHTYKSKYUEBFEKP3OAY req.getRequestURI() :
"/FreightQuotations/SLoginUser"
P4CGZHTYKSKYUEBFEKP3OAY req.getClass() : "class
com.ibm.servlet.engine.webapp.WebAppDispatcherRequest"
P4CGZHTYKSKYUEBFEKP3OAY req.getPathInfo() : "null"
P4CGZHTYKSKYUEBFEKP3OAY req.getPathTranslated() : "null"
P4CGZHTYKSKYUEBFEKP3OAY req.getServletPath() : "/SLoginUser"
P4CGZHTYKSKYUEBFEKP3OAY HttpUtils.getRequestURL(req) : "
http://10.0.0.161:2032/FreightQuotations/SLoginUser";
P4CGZHTYKSKYUEBFEKP3OAY Request Attributes:
P4CGZHTYKSKYUEBFEKP3OAY Attribute com.ibm.websphere.olt.include.bool:
false
P4CGZHTYKSKYUEBFEKP3OAY Attribute com.ibm.websphere.current_uri:
/SLoginUser
P4CGZHTYKSKYUEBFEKP3OAY Attribute
com.ibm.websphere.olt.forward.request:
SLoginUser
P4CGZHTYKSKYUEBFEKP3OAY Attribute com.ibm.websphere.request_url:
http://10.0.0.161:2032/FreightQuotations/SLoginUser
P4CGZHTYKSKYUEBFEKP3OAY HTTP-session Information
P4CGZHTYKSKYUEBFEKP3OAY Session ID: P4CGZHTYKSKYUEBFEKP3OAY
P4CGZHTYKSKYUEBFEKP3OAY Session Max.Inactive Interval: 1800
P4CGZHTYKSKYUEBFEKP3OAY Session Created: 1028536862652
P4CGZHTYKSKYUEBFEKP3OAY Session Last Accessed: -1
P4CGZHTYKSKYUEBFEKP3OAY Session Values:
P4CGZHTYKSKYUEBFEKP3OAY 0. sessionid.logoncompany: R
P4CGZHTYKSKYUEBFEKP3OAY 1. sessionid.logonusername: pgo
P4CGZHTYKSKYUEBFEKP3OAY 2. sessionid.logonpassword: serverauthorized
P4CGZHTYKSKYUEBFEKP3OAY 3. sessionid.connection:
com.clipper.tools.ConnectionHolder@896f1e68
P4CGZHTYKSKYUEBFEKP3OAYSLoginUser_doGetprocessing...
P4CGZHTYKSKYUEBFEKP3OAY*************************************************
*******************************
P4CGZHTYKSKYUEBFEKP3OAY SLoginUser_doGet: Homepage is shown
P4CGZHTYKSKYUEBFEKP3OAY SLoginUser_doGet: User pgo with
userprofile
C3DPAD Logged in successfully for Company:R
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
Company : R
UserType : P
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R P
Menus Menus.getAllMenus(Connection, String, String): 1 records retrieved
with: R P
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
Company : R
UserType : C
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R C
Menus Menus.getAllMenus(Connection, String, String): No records found
with: R C Menus Menus.getAllMenus(Connection, String, String): 0 records
retrieved
with: R C
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
Company : R
UserType : A
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R A
Menus Menus.getAllMenus(Connection, String, String): 1 records retrieved
with: R A
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
Company : R
UserType : O
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R O
Menus Menus.getAllMenus(Connection, String, String): 5 records retrieved
with: R O
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
Company : R
UserType : E
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R E
Menus Menus.getAllMenus(Connection, String, String): 4 records retrieved
with: R E
P4CGZHTYKSKYUEBFEKP3OAY SLoginUser_doGet: New Session Values:
P4CGZHTYKSKYUEBFEKP3OAY 1. sessionid.logoncompany: R
P4CGZHTYKSKYUEBFEKP3OAY 2. Menu: [com.clipper.model.Menu@818c9e68,
com.clipper.model.Menu@998f1e68, com.clipper.model.Menu@956d1e68,
com.clipper.model.Menu@91c39e68, com.clipper.model.Menu@91429e68,
com.clipper.model.Menu@90c19e68, com.clipper.model.Menu@6c0f9e68,
com.clipper.model.Menu@6f5c1e68, com.clipper.model.Menu@68bb1e68,
com.clipper.model.Menu@6a319e68, com.clipper.model.Menu@652a9e68]
P4CGZHTYKSKYUEBFEKP3OAY 3. MenuPublic:
[com.clipper.model.Menu@818c9e68]
P4CGZHTYKSKYUEBFEKP3OAY 4. MenuOwner:
[com.clipper.model.Menu@956d1e68,
com.clipper.model.Menu@91c39e68, com.clipper.model.Menu@91429e68,
com.clipper.model.Menu@90c19e68, com.clipper.model.Menu@6c0f9e68]
P4CGZHTYKSKYUEBFEKP3OAY 5. MenuAgent:
[com.clipper.model.Menu@998f1e68]
P4CGZHTYKSKYUEBFEKP3OAY 6. sessionid.useremail: pgoovaerts@pandora.be
P4CGZHTYKSKYUEBFEKP3OAY 7. MenuEdp: [com.clipper.model.Menu@6f5c1e68,
com.clipper.model.Menu@68bb1e68, com.clipper.model.Menu@6a319e68,
com.clipper.model.Menu@652a9e68]
P4CGZHTYKSKYUEBFEKP3OAY 8. sessionid.useragencycode: *
P4CGZHTYKSKYUEBFEKP3OAY 9. MenuClient: []
P4CGZHTYKSKYUEBFEKP3OAY 10. sessionid.logonusername: pgo
P4CGZHTYKSKYUEBFEKP3OAY 11. sessionid.logonpassword: serverauthorized
P4CGZHTYKSKYUEBFEKP3OAY 12. sessionid.usertype: E
P4CGZHTYKSKYUEBFEKP3OAY 13. sessionid.username: pgo
P4CGZHTYKSKYUEBFEKP3OAY 14. sessionid.connection:
com.clipper.tools.ConnectionHolder@896f1e68
P4CGZHTYKSKYUEBFEKP3OAY SLoginUser_doGet: Page to process= FQController
P4CGZHTYKSKYUEBFEKP3OAY FQController_doGet: Previous session had a
Time-out
P4CGZHTYKSKYUEBFEKP3OAY FQController_doGet: URL is now:
errorsession.jsp
Patrick Goovaerts
WebMaster
Clipper Support nv
TEL : 0032 (0)3 5453991
GSM: 0498 610 325
WEB: www.conti7.be
_______________________________________________
This is the Java Programming on and around the iSeries / AS400
(JAVA400-L) mailing list To post a message email: JAVA400-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/java400-l
or email: JAVA400-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/java400-l.
--
--
[ graycol.gif of type image/gif deleted ]
--
[ ecblank.gif of type image/gif deleted ]
--
[ pic05965.gif of type image/gif deleted ]
--
_______________________________________________
This is the Java Programming on and around the iSeries / AS400
(JAVA400-L) mailing list To post a message email: JAVA400-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/java400-l
or email: JAVA400-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/java400-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
