All geek questions in one place

Tomcat: how to access (session) manager from servlet

I need to access the dispatcher from a servlet (or filter) in Tomcat to load a user session using a user session id.

Answering the following question: why do I need this. There is an old error in Flash that causes it to send cookies from IE, and not from the current browser. So, if I am in FF and I try to upload a file using SWFUpload, I get the wrong session and error.

I want to add a magic parameter to POST, which should override the default session identifier (wrong), and then load the user session instead of the one loaded by Tomcat. I cannot use URL rewriting because cookies are allowed first, and when Flash sends the wrong cookie from IE, Tomcat does not try to load the session from the URL rewritten URL.

I would appreciate any other hint on how to access the Manager from the context or to solve the original problem.

Thanks in advance, Juriy

+6
source share
3 answers

It must be available through the implementation of ServletContext . Get tomcat sources to check this out or use reflection to get all context fields. You may need to use a lot of thought to get to the manager.

(I could not find if the manager is displayed in JNDI, but you can also look there)

+4
source

Unlike Ihor code, this code uses a slightly less abstraction, getting Manager from HttpSession :

 private Manager manager(HttpSession session) throws Exception { Field facadeSessionField = StandardSessionFacade.class.getDeclaredField("session"); facadeSessionField.setAccessible(true); StandardSession stdSession = (StandardSession) facadeSessionField.get(session); return stdSession.getManager(); }
+6
source

for Tomcat:

  ApplicationContextFacade appContextFacadeObj = (ApplicationContextFacade) request.getSession().getServletContext(); try { Field applicationContextField = appContextFacadeObj.getClass().getDeclaredField("context"); applicationContextField.setAccessible(true); ApplicationContext appContextObj = (ApplicationContext) applicationContextField.get(appContextFacadeObj); Field standardContextField = appContextObj.getClass().getDeclaredField("context"); standardContextField.setAccessible(true); StandardContext standardContextObj = (StandardContext) standardContextField.get(appContextObj); Manager persistenceManager = standardContextObj.getManager(); } catch(SecurityException e) { logger.error(e); } catch(NoSuchFieldException e) { logger.error(e); } catch(IllegalArgumentException e) { logger.error(e); } catch(IllegalAccessException e) { logger.error(e); }
+5
source

Source: https://habr.com/ru/post/886813/

More articles:


All Articles