there is a difficult situation I have. My portal was working fine alone but now client placed a security server on top of our web server which cleans session and rewrites some data back to it. Now to communicate with it I need to pass some information in http header. Can any one please let me know how we can write to http header.
So far I was reading info by request.getheader() function but never needed to write to header. I saw that request has only get header but I could not find any methoss by which you can add parameter to request header.
Actually every time page gets submitted first request goes to security server. At that time I need to pass a language parameter to maintain. If I set that perticular parameter in header while redirecting back it will keep that parameter in header. And I need it to maintain user selected language to load pages for that language. So far I was passing it in session or in request which does not pass through it. So I need to set language attribute to Http header.
I read your post multiple times but still trying to figure whats going on here.
1. The request first goes to the security server - this implies you have no control on the headers that go to it.
2. Your server serves the pages, so the session alternative still holds valid once you know the language.
3. If you mean that the security server is explicitly removing the parameters in the request, then this is an issue on the security server or in the design.
4. #3 said, I don't understand why the server removes parameters and wants the same info in header, makes no sense to me.
Sorry about not giving all information. Actually we provide an option to switch language on every page, Once user clicks the button, It calls one method to set language parameter.
Exactly it works as by clicking button it goes to Security server and from there it comes to my method which sets language parameter in session and then page gets loaded in that language.
But later when user clicks next or submit session gets cleaned by security server. To maintain I need to pass attribute with particular name in request header only. Security server is design as it will keep only particular things and only inside header, all other things inside session and request gets removed by it and that is how it is designed to keep web protected. Now design can not be changed as Security server is managed by some other company and they are asking us to set language parameter in request header. I am trying to set header when it comes back first time in switching language method or I can write it in servlet so it can be maintained and I won't have to set it every time but I don't know what is syntax to do it.
Would a request parameter work, instead of a request header? That would seem to be a more standard approach to this problem.
If you are thinking that you should be subverting a standard header such as Accept-Langauge with your own data, then you have definitely lost your way.
You haven't even really explained what you are trying to communicate with. Or even how. Are you using a redirect from your servlet? If so, where is the redirect going to? And why can't it carry data on request parameters like the rest of the web?
You seem to have latched onto headers as a solution, but there is a 99.99999999% chance that this is not a viable approach.
We need more information to determine not only how to approach the problem, but what the problem actually is in the first place.
Joined: Oct 27, 2009
Bear Bibeault wrote: We need more information to determine not only how to approach the problem, but what the problem actually is in the first place.
We are not using any redirect in our servlets. When ever user hits the URL request goes to security server first and then it sends it back to our server. Once request comes to our server, we handle it in normal way with customer framework(Based on Struts concept). Application is normal but there is a security server on top of it which actually drives the request. I don't how they are doing it but so for me it behaves like every request it hijacks and redirects to our server.
I am not trying to set my own data in "accept-language", It is my last hope if I can send "en_us" and "es" for each language selection into "accept-language" header field then security server will maintain it and I can read it when request comes back.
and you are right it looks like above approach will not work to set own data (Other company is doing it, and security server sends user first name/login name and some other information in http-header, so they are expecting us to send some data back to them in header) but right now I am just looking how I can set en_us or es in "accept-language" from servlet.
so they are expecting us to send some data back to them in header
that would mean you need to set a header in the response. However your question appears to be a lot of fuss about how the request is submitted to the servlet, which would only affect the headers on the request. That's a completely different thing. If you want to set a header in the response, just do that.
And when you say
and I can read it when request comes back
that suggests that you believe that if you send a header in the response, then the browser will echo that header in the next request it sends to your application. That isn't the case.
So I agree with everyone else that you need to step back and explain the actual requirements.
Joined: Mar 22, 2005
What's more, the "Accept-Language" header is a request header, not a response header. Setting it as part of the response will have no effect.