× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. JAVA400-L
  3. July 2002

jsp - servlet Session-authentication problem


A webapp has an index.html, 2 servlets(A)(B), 3 JSP's(A)(B)(error) and 1
databean. The application has 'Basic Authentication' activated in WebServer
(WAS3.5.6)

When index.html is launched, userid-password is asked by the server. After
receiving correct info, index.html is displayed and it automatically
launches Servlet(A).

This Servlet(A), creates a new session, get's data from the AS400 and
stores the data into the session. Finally it launches JSP(A) using
requestdispatcher:
'getServletConfig().getServletContext
().getRequestDispatcher(httppage).forward(req, res);'

JSP(A) is displayed and asks for a value to find data. When value is
entered, user submits the form which actually call's Servlet(B). In short,
this servlet does the following:
session = req.getSession(true);
id = session.getId();
if (session.isNew()) {
   httppage='error.jsp';
}
else{
   fillDataBean...;
   httppage='JSP2.jsp';
}
getServletConfig().getServletContext
().getRequestDispatcher(httppage).forward(req, res);

PROBLEM:
The first time Servlet(B) is executed (servlet loaded by server), I receive
JSP2.jsp which is correct. All subsequent calls end in error!
Even when I quit the browser, reload index.html and reconnect, the
error.jsp is shown which indicates that a new session is created.

The only clue I have is that 'session = req.getSession(true);' throws an
authorization-exception as follows:

com.ibm.websphere.servlet.session.UnauthorizedSessionRequestException:
SessionContext: a user authenticated as anonymous has attempted to access a
session owned by user:CLIPPER/S-1-5-21-346438834-254567744-1563503735-1100
at
com.ibm.servlet.personalization.sessiontracking.SessionContext.getIHttpSession(SessionContext.java:1413)

at
com.ibm.servlet.engine.srt.SRTSessionAPISupport.getSession(SRTSessionAPISupport.java:255)

at
com.ibm.servlet.engine.srt.SRTServletRequest.getSession(SRTServletRequest.java:470)

at
com.ibm.servlet.engine.webapp.HttpServletRequestProxy.getSession(HttpServletRequestProxy.java:77)

...
...





Patrick Goovaerts
Clipper Support nv
TEL : 0032 (0)3 5453991
GSM: 0498 610 325
WEB: www.conti7.be

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.