× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Sorry it is not clear enough but it's such a strange behaviour and
rather difficult to describe.  I'll try to clarify myself:

WAS level: WAS 3.5.6

The first HTML-page launches a login.class which is authenticated.  This
forces WAS to send/request authentication info (when user isn't already
logged in through another application).  The login.class also creates a
new HTTP-session in which I want to keep 'default-info'.

Next step should be the launch of the 'controller.servlet' which i tried
directly from the 'login.class'.  2 reason's why this
'controller.servlet' executes these statements:
   session = req.getSession(true);
   id = session.getId();
   if (session.isNew())
    ...
1) Because the 'controller.servlet' needs the 'default-info'
     (and that's the way to retrieve the session-info)
2) Because I can check if session is still valid
     (ex. timeout occurred)

I don't know why 'session.isNew()' returns 'true' while one could see in
std-out that session-id is still the same...  Stangly, when jsp1 is
launched first then it works!

So, this alway's works:
Html ==> Loginid ==> jsp1 ==> controller.servlet ==> jsp1 or jsp2
(depending on action)

This never works:
Html ==> Loginid ==> controller.servlet ==> jsp1 or jsp2 (depending on
action)

Problem:
When a user is authenticated before (ex. as guest for another
application), he could try to launch the application using URL (when he
knows it).  When jsp1 is loaded first, het gets a screen to fill in
first and receives an error when executing controller.servlet
Otherwise, when controller.servlet is loaded first, he gets an error
immediatly.


Patrick Goovaerts
pgoovaerts@pandora.be
TEL: 0032-3-6472715
GSM:0498610325



-----Oorspronkelijk bericht-----
Van: java400-l-admin@midrange.com [mailto:java400-l-admin@midrange.com]
Namens Art Smet
Verzonden: maandag 5 augustus 2002 16:55
Aan: java400-l@midrange.com
Onderwerp: Re: HttpSession - problem


--
--
[ Picked text/plain from multipart/alternative ]





What WAS level?

When I read the description on how it should work, I see submit 'login.
class' creates a new 'session'.  But in the problem description, after
submitting 'login.class', having a new 'session' is considered abnormal.
Can you clarify.

I've seen a similar authentication flow, but instead of a .forward( )
to the controller.class a SendRedirect was used, that may be one change
you can try to see if it helps.

Does your stdout/stderr show any evidence of errors, I'm suspecting
there may be an error that mentions 'anonymous' as part of the text.



|---------+---------------------------->
|         |           P.               |
|         |           Goovaerts@Clipper|
|         |           .Be              |
|         |           Sent by: java400-|
|         |           l-admin@midrange.|
|         |           com              |
|         |                            |
|         |                            |
|         |           08/05/02 04:15 AM|
|         |           Please respond to|
|         |           java400-l        |
|         |                            |
|---------+---------------------------->

>-----------------------------------------------------------------------
------------------------------------------------|
  |
|
  |       To:       web400@midrange.com, <java400-l@midrange.com>
|
  |       cc:       java400-l@midrange.com, java400@midrange.com
|
  |       Subject:  HttpSession - problem
|
  |
|
  |
|

>-----------------------------------------------------------------------
------------------------------------------------|




I hope one can help me with this tricky problem:

I have a WebApp which is running under 'Basic Authentication' and has
following objects:
- index.html
- login.class
- controller.class
- databean.class
- jsp1.jsp
- jsp2.jsp
- error.jsp

it should work as follows:
- index launched
- form submit 'login.class' with 2 parms: parm1, parm2
(value=controller.class)
        - basic authentication is activated
           (userid/password is asked and entered)
        - create new 'session'
        - gets default uservalues from AS400
        - stores default uservalues in session
        - redirects to parm2 (controller.class)
                ==> getServletConfig().
                       getServletContext().
                      getRequestDispatcher(controller.class).
                       forward(req, res);
- controller class loaded
        - retrieves 'sessionvalues'
        - detects which jsp to load
        - loads jsp1.jsp
- jsp1.jsp loaded
        - values changed
        - loads controller.class
- controller class activated
        - retrieves 'sessionvalues'
        - detects which jsp to load
        - updates databean.class
        - loads jsp2.jsp
etc...

The controller's work is retrieving sessionvalues, updates beans, launch
jsp's.  When session-timeout occurs, error.jsp is returned.

Problemdescription:
When I submit the 'login.class' with parm2=controller.class, the
'session' is considdered as 'new'??? I use the following to retrieve the
sessioninfo:
   session = req.getSession(true);
   id = session.getId();
   if (session.isNew())

In normal situations, the session should get a 'false' on 'if
(session.isNew())' but it always returns 'true'.  However, when I check
the sessionid, it is always the same!!!

When I change parm2 in 'jsp1.jsp', I do not get this strange
behaviour... The jsp is loaded, this form submits the controller which
detects the correct session (session.isNew() = false) and loads
jsp2.jsp.



Here's an extract of debugginginfo printerd to 'std_out'
where you can see that sessionid doesn't change...
--------------------------------------------------------
P4CGZHTYKSKYUEBFEKP3OAY ConnectionHolder(clipper): New ConnectionHolder
generated with :
P4CGZHTYKSKYUEBFEKP3OAY    setAutoCommit=false
P4CGZHTYKSKYUEBFEKP3OAY    setTransactionIsolation=1
P4CGZHTYKSKYUEBFEKP3OAY    at :Mon Aug 05 10:41:03 GMT+02:00 2002
P4CGZHTYKSKYUEBFEKP3OAY*************************************************
*******************************


P4CGZHTYKSKYUEBFEKP3OAYSessioninformation at: SLoginUser_doGet
P4CGZHTYKSKYUEBFEKP3OAY Parameter Information
P4CGZHTYKSKYUEBFEKP3OAY   Parm company: R
P4CGZHTYKSKYUEBFEKP3OAY   Parm program: FQController
P4CGZHTYKSKYUEBFEKP3OAY Server Information
P4CGZHTYKSKYUEBFEKP3OAY   req.getServerName()          : "10.0.0.161"
P4CGZHTYKSKYUEBFEKP3OAY   req.getServerPort()          : "2032"
P4CGZHTYKSKYUEBFEKP3OAY   req.getRemoteUser()          : "pgo"
P4CGZHTYKSKYUEBFEKP3OAY   req.getAuthType()            : "Basic"
P4CGZHTYKSKYUEBFEKP3OAY   req.getRequestURI()          :
"/FreightQuotations/SLoginUser"
P4CGZHTYKSKYUEBFEKP3OAY   req.getClass()               : "class
com.ibm.servlet.engine.webapp.WebAppDispatcherRequest"
P4CGZHTYKSKYUEBFEKP3OAY   req.getPathInfo()            : "null"
P4CGZHTYKSKYUEBFEKP3OAY   req.getPathTranslated()      : "null"
P4CGZHTYKSKYUEBFEKP3OAY   req.getServletPath()         : "/SLoginUser"
P4CGZHTYKSKYUEBFEKP3OAY   HttpUtils.getRequestURL(req) : "
http://10.0.0.161:2032/FreightQuotations/SLoginUser";
P4CGZHTYKSKYUEBFEKP3OAY   Request Attributes:
P4CGZHTYKSKYUEBFEKP3OAY   Attribute com.ibm.websphere.olt.include.bool:
false
P4CGZHTYKSKYUEBFEKP3OAY   Attribute com.ibm.websphere.current_uri:
/SLoginUser
P4CGZHTYKSKYUEBFEKP3OAY   Attribute
com.ibm.websphere.olt.forward.request:
SLoginUser
P4CGZHTYKSKYUEBFEKP3OAY   Attribute com.ibm.websphere.request_url:
http://10.0.0.161:2032/FreightQuotations/SLoginUser
P4CGZHTYKSKYUEBFEKP3OAY HTTP-session Information
P4CGZHTYKSKYUEBFEKP3OAY   Session ID: P4CGZHTYKSKYUEBFEKP3OAY
P4CGZHTYKSKYUEBFEKP3OAY   Session Max.Inactive Interval: 1800
P4CGZHTYKSKYUEBFEKP3OAY   Session Created: 1028536862652
P4CGZHTYKSKYUEBFEKP3OAY   Session Last Accessed: -1
P4CGZHTYKSKYUEBFEKP3OAY   Session Values:
P4CGZHTYKSKYUEBFEKP3OAY   0. sessionid.logoncompany: R
P4CGZHTYKSKYUEBFEKP3OAY   1. sessionid.logonusername: pgo
P4CGZHTYKSKYUEBFEKP3OAY   2. sessionid.logonpassword: serverauthorized
P4CGZHTYKSKYUEBFEKP3OAY   3. sessionid.connection:
com.clipper.tools.ConnectionHolder@896f1e68
P4CGZHTYKSKYUEBFEKP3OAYSLoginUser_doGetprocessing...
P4CGZHTYKSKYUEBFEKP3OAY*************************************************
*******************************


P4CGZHTYKSKYUEBFEKP3OAY SLoginUser_doGet: Homepage is shown
P4CGZHTYKSKYUEBFEKP3OAY SLoginUser_doGet: User pgo        with
userprofile
C3DPAD    Logged in successfully for Company:R
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
  Company     : R
  UserType    : P
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R P
Menus Menus.getAllMenus(Connection, String, String): 1 records retrieved
with: R P
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
  Company     : R
  UserType    : C
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R C
Menus Menus.getAllMenus(Connection, String, String): No records found
with: R C Menus Menus.getAllMenus(Connection, String, String): 0 records
retrieved
with: R C
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
  Company     : R
  UserType    : A
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R A
Menus Menus.getAllMenus(Connection, String, String): 1 records retrieved
with: R A
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
  Company     : R
  UserType    : O
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R O
Menus Menus.getAllMenus(Connection, String, String): 5 records retrieved
with: R O
Menus Menus.getAllMenus(Connection, String, String): executed with
following parameters :
  Company     : R
  UserType    : E
Menus Menus.getAllMenus(Connection, String, String): Retrieving records
with: R E
Menus Menus.getAllMenus(Connection, String, String): 4 records retrieved
with: R E
P4CGZHTYKSKYUEBFEKP3OAY SLoginUser_doGet:    New Session Values:
P4CGZHTYKSKYUEBFEKP3OAY   1. sessionid.logoncompany: R
P4CGZHTYKSKYUEBFEKP3OAY   2. Menu: [com.clipper.model.Menu@818c9e68,
com.clipper.model.Menu@998f1e68, com.clipper.model.Menu@956d1e68,
com.clipper.model.Menu@91c39e68, com.clipper.model.Menu@91429e68,
com.clipper.model.Menu@90c19e68, com.clipper.model.Menu@6c0f9e68,
com.clipper.model.Menu@6f5c1e68, com.clipper.model.Menu@68bb1e68,
com.clipper.model.Menu@6a319e68, com.clipper.model.Menu@652a9e68]
P4CGZHTYKSKYUEBFEKP3OAY   3. MenuPublic:
[com.clipper.model.Menu@818c9e68]
P4CGZHTYKSKYUEBFEKP3OAY   4. MenuOwner:
[com.clipper.model.Menu@956d1e68,
com.clipper.model.Menu@91c39e68, com.clipper.model.Menu@91429e68,
com.clipper.model.Menu@90c19e68, com.clipper.model.Menu@6c0f9e68]
P4CGZHTYKSKYUEBFEKP3OAY   5. MenuAgent:
[com.clipper.model.Menu@998f1e68]
P4CGZHTYKSKYUEBFEKP3OAY   6. sessionid.useremail: pgoovaerts@pandora.be

P4CGZHTYKSKYUEBFEKP3OAY   7. MenuEdp: [com.clipper.model.Menu@6f5c1e68,
com.clipper.model.Menu@68bb1e68, com.clipper.model.Menu@6a319e68,
com.clipper.model.Menu@652a9e68]
P4CGZHTYKSKYUEBFEKP3OAY   8. sessionid.useragencycode: *
P4CGZHTYKSKYUEBFEKP3OAY   9. MenuClient: []
P4CGZHTYKSKYUEBFEKP3OAY   10. sessionid.logonusername: pgo
P4CGZHTYKSKYUEBFEKP3OAY   11. sessionid.logonpassword: serverauthorized
P4CGZHTYKSKYUEBFEKP3OAY   12. sessionid.usertype: E
P4CGZHTYKSKYUEBFEKP3OAY   13. sessionid.username: pgo
P4CGZHTYKSKYUEBFEKP3OAY   14. sessionid.connection:
com.clipper.tools.ConnectionHolder@896f1e68
P4CGZHTYKSKYUEBFEKP3OAY SLoginUser_doGet: Page to process= FQController
P4CGZHTYKSKYUEBFEKP3OAY FQController_doGet: Previous session had a
Time-out

P4CGZHTYKSKYUEBFEKP3OAY FQController_doGet:      URL is now:
errorsession.jsp




Patrick Goovaerts
WebMaster
Clipper Support nv
TEL : 0032 (0)3 5453991
GSM: 0498 610 325
WEB: www.conti7.be



_______________________________________________
This is the Java Programming on and around the iSeries / AS400
(JAVA400-L) mailing list To post a message email: JAVA400-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/java400-l
or email: JAVA400-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/java400-l.


--

--
[ graycol.gif of type image/gif deleted ]
--
[ ecblank.gif of type image/gif deleted ]
--
[ pic05965.gif of type image/gif deleted ]
--

_______________________________________________
This is the Java Programming on and around the iSeries / AS400
(JAVA400-L) mailing list To post a message email: JAVA400-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/java400-l
or email: JAVA400-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/java400-l.




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.