-
1. Re: Should portlet and servlet from same web app be able to
bdaw Mar 16, 2007 6:52 PM (in response to mchan_98)1) This question should go to the user forum....
2) Yes its the expected behavior. Portlet and Servlet exist in the same web application, so you can for example share session between them (PortletSesion is a wrapper around HttpSession) in application scope. But remember that Portal is also separate web application itself. So when you log in you authenticate against portal web app - not portlet web app. Communication between portal and portlet is done by instrumenting portlet web app with special servlet and context dispatching.
If you need to validate that user is authenticated, store some kind of token into PortletSession and try to obtain it from HttpSession in your servlet. -
2. Re: Should portlet and servlet from same web app be able to
mchan_98 Mar 17, 2007 9:40 PM (in response to mchan_98)First, Thank you very much for your response. Next, sorry for posting in the wrong forum.
I have thought of the solution that you have proposed. It's doable, just not as clean, I guess.
I just think it's kind of strange that the portal web app and portlet web app can share session, but not user's credential . BTW, does the JSR 168 explicitly say that the portal web app and portlet web app cannot share user credential? I tried to search for that but can't.
Thanks,
Michael Chan
Director of Development
Obelisk Financial
http://www.obeliskfinancial.com -
3. Re: Should portlet and servlet from same web app be able to
julien1 Mar 18, 2007 4:48 PM (in response to mchan_98)the other solution is to enable SSO in tomcat.