RE: [Zope] keeping Java Servlets session ids based on url rewriti ng
Albert, Hmmm.. can you take a step back and restate the problem more generally? What is the goal?
-----Original Message----- From: Kapil Thangavelu [mailto:kthangavelu@earthlink.net] Sent: Saturday, September 09, 2000 4:59 PM To: albert boulanger; zope@zope.org Subject: Re: [Zope] keeping Java Servlets session ids based on url rewriting
albert boulanger wrote:
I am using the latest Zope release using ZServer directly
(but will be
running under Apache....)
I need to coordinate Zope based sessions and servelet sessions. We will be using url rewriting (I know use cookies, but we are doing worst case planning.). As you may know the rewritten urls that the servlet does look like http://foo/bar;$<id here>$. I need to retain the stuff after the ;. This seems to be dropped i think in ZServer. I was going to store the servlet sesssion id in a SQLSession object by having the servlet do a response redirect to a dtml method to process the id after the ;.
Will Apache frontending and setting the CGI-vars fix this issue?
A more general question, has anyone worked on the general cross-session issues like this? I think this is consideration item for the new session support in Zope.
Would Zope Servlet interaction be useful to you? if so in what form?
I'm going to start working next weekend on Zope calls into JServ. I'd like to get some requirements from interested parties before i start coding.
Cheers
Kapil
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Hmmm.. can you take a step back and restate the problem more generally? What is the goal? We use servlets for java to java com between applets and the server. Inside, the servlets communicates to C++ based servers for objects and events. Servlet sessions are used to help ensure validation for the object and event servers. User database is also stored in the object repository. Getting the session id for the servlet back into Zope (I was going to store it in a SQLSession object.) was the reason for preserving the ;<sessionid> from a response redirect generated by servlet. All pages with applets would be written with the servlet session ID as a parameter. We were going to use https for anything with session ids in them so they can not be sniffed for. I had not decided if the user database exchange would be done by using the client as a relay with user info emedded in user,md5-password-signature components in the session id response redirect or some Zope to JServ direct handshaking using ZPatterns-based Membership. Yet another alternative would be the swig Python interface directly to the object server and Zpatterns. Hope this helps clarifys things.. Albert Boulanger aboulanger@vaptch.com -
participants (2)
-
albert boulanger -
Chris McDonough