you would make your changes in such a way that you neednt touch the existing code in any fashion. In other words, you add some more new control logic.
The control logic would be in the form of filters.
One functionality that a filter (look at http://java.sun.com/products/servlet/Filters.html for a crash course) does is to block requests based on a user identity.
So all requests to the existing web application would first be assigned to this filter (which would eseentially do the same task as the script your friend talked about in .NET). The filter would block the request and when it finds no valid session associated with that request would redirect the request to your web application which would perform whatever is required.
Now comes the next part, which is an even tougher nut to crack - in java sessions are not sharable across web applications. In short when you associate an user to a session in one web application, there's no way for the other web application can access or share this data.
1. In tomcat, one context can be accessed from another by defining the two contexts to be 'sharable' in 'context.xml - I tried this once long back and the results were quite unpredictable.
The api support is the getContext(String otherContext) method of the context object.
2. Hold this info in a mutually sharable db/file/serialized object.
Originally posted by Thierry Collogne:
What do you think?
Well behaved women rarely make history - Eleanor Roosevelt. tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
|