• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
  • Piet Souris
  • Himai Minh

Tomcat Valves and the Session

Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm implementing authentication as a Valve, and was hoping to have access to the HttpSession, so I can pass Attributes to the jsp. That would be really powerful. So I devised this code as a test:

It seemed that no matter where I located the Valve tag in server.xml, the HttpSession came back null.
Does anyone know - Is it possible to access the session information at this level? How?
Saloon Keeper
Posts: 25466
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Just from a quick look at the Catalina Javadocs, I can't help but wonder if you're not mixing org.apache.catalina classes and java servlet classes too casually. It looks like it's possible that a Catalina request may be castable to an unblessed (and thus possibly incomplete) j2ee servlet request. However, there's no explicit method to go from one to the other, nor an inheritance path nor an explicit blessing for doing such a cast.
So the fact that it compiled and executed without exception may be an artifact of an undocumented internal structure, as from reading the Javadocs, I'd expect it to fail outright.
You may need to check the Tomcat source code to see if you want to do is safe.
Did you just should on me? You should read this tiny ad:
free, earth-friendly heat - a kickstarter for putting coin in your pocket while saving the earth
    Bookmark Topic Watch Topic
  • New Topic