Menu
▾
▴
Re: Ant: [Php-java-bridge-users] session sharing with JavaBridge
|
From: Raphael V. <rv_...@os...> - 2005-09-10 12:24:01
|
Hi, Jost, thanks for for answer. > Hi Raphael, > > >>http://localhost:8080/JavaBridge/sessionSharing.jsp >>http://localhost/JavaBridge/sessionSharing.php > > > interesting. I didn't think about this scenario. I > assume you use IIS, which cannot JkMount the tomcat > folder, and manually redirect all .jsp requests to a > different server. I use Apache 2.0.53. Perhaps it is not clear: Both server use different folders. The logical path is the same to avoid problems with the path value in the cookie. > >>Is this a bug in JavaBridge > > > If we want session sharing between different servers, > we must strip off the server part from PHP_SELF, > please see protocol.c, setResultWith_context() I wonder why it work in one direction but not the other way round. The only difference is the path value. A workaround could be to set the path always to / so the cookie is valid for the whole server. The port is imo not relevant. Unfortunately I can not do it by myself because I don't know if it is handled by the JavaBridge or in Tomcat. > This raises some security concerns, though. > > So before I change the code to strip away the server > part, I would like to see a use case. Can you please > explain why do need this? We have a pretty complex application written in PHP which we need to integrate into a Java Portal. The Portal runs in a OC4J and the PHP application on an seperate Apache Instance on the same machine. Both application have a own user management. If a user log in (the portal) and then goes to the PHP application it need to know which user is it. I thought the easiest way is to read the Java session and then map the user data to the user of the PHP Application. regards, Raphael |
