Is there any way to get a session object when knowing the session id?
Created May 4, 2012
David Garcia This would be useful for reattaching a user to a preexisting session.
[Unfortunately, this behavior has been deemed dangerous. The code below used to work, but has been deprecated as of Servlet API version 2.1. (The method HttpSessionContext.getSession(String sessionid) has been deprecated.)
// first, store the target HttpSession id, no problems about this cause the id is a Serializable String object
HttpSession oldSesion=request.getSession(false);
String id=oldSesion.getId();
database.storeID(id);
// next, maybe in another servlet or object
// recover target ID
String idOldSesion=database.recoverID();
// recover target HttpSession
HttpSession currentSesion=request.getSession(false);
HttpSessionContext sCtx=currentSesion.getSessionContext();
HttpSession recoveredOldSesion=sCtx.getSession(idOldSesion);
Test conditions:
BEA Weblogic 4.5.1 (uses httpServlet Specification 2.1 ).
Windows NT 4.0
There may be a way to make it work under certain servlet engines, but no portable/standard way that I know of. -Alex]
Code sample:
// first, store the target HttpSession id, no problems about this cause the id is a Serializable String object
HttpSession oldSesion=request.getSession(false);
String id=oldSesion.getId();
database.storeID(id);
// next, maybe in another servlet or object
// recover target ID
String idOldSesion=database.recoverID();
// recover target HttpSession
HttpSession currentSesion=request.getSession(false);
HttpSessionContext sCtx=currentSesion.getSessionContext();
HttpSession recoveredOldSesion=sCtx.getSession(idOldSesion);
Test conditions:
BEA Weblogic 4.5.1 (uses httpServlet Specification 2.1 ).
Windows NT 4.0