Hello
I am wondering how is the HttpSession, related to
the EJB session...how is the information such as user etc
passed to the EJB sessioncontext.
Also why servletsessioncontext is been removed from the
servletspec?
thanks
-ram
Discussions
Web tier: servlets, JSP, Web frameworks: Relation b/w httpsession and ejb container session
-
Relation b/w httpsession and ejb container session (1 messages)
- Posted by: sriram chandra
- Posted on: May 26 2004 23:19 EDT
Threaded Messages (1)
- Relation b/w httpsession and ejb container session by Paul Strack on May 27 2004 12:55 EDT
-
Relation b/w httpsession and ejb container session[ Go to top ]
- Posted by: Paul Strack
- Posted on: May 27 2004 12:55 EDT
- in response to sriram chandra
I am wondering how is the HttpSession, related to the EJB session ... how is the information such as user etc. passed to the EJB sessioncontext.
There is no relationship. No data is passed between the two. The only exception to this rule is that if you are using J2EE-standard security, the user credentials may be passed from the web container to the EJB container. They would be available in the EJB container via the SessionContext.getCallerPrincipal() method.Also why servletsessioncontext is been removed from the servlet spec?
There are potential security risks in being able to retrieve an arbitrary session by id. That is why this interface is deprecated.