views:

712

answers:

3

Hey, I am in a WTF code situation working on a jsp tomcat server and trying to pass session data (user id, etc.) to php. i am planning to rewrite php session handling with session_set_save_handler() my question is where does tomcat stores it session data (harddrive?) and what kind of encoding does it uses? or am i on the wrong path? i know the idea of mashing php and jsp is stupid just got this assignment and i am pissed too.

+3  A: 

You could try using database driven sessions to solve this issue. Assuming that tomcat and apache have the same session hashes, it may be possible to transfer them across servers? You need to look in the tomcat config file and it SHOULD be under something prefixed with session. That is where I would start. Typically, on an Ubuntu linux server it would be under something like /etc/apache2/apache2.conf.

I hope this helps and good luck!

Kyle

Kyle J. Dye
+2  A: 

I believe the default session manager for Tomcat will store session data in a SESSIONS.ser files in the "work" directory for your application.

You may want to create and configure your own session manager: http://tomcat.apache.org/tomcat-5.5-doc/config/manager.html

mattsidesinger
+4  A: 

Try to avoid sessions between different systems. You can't really share sessions between PHP and Java because,

  1. They run under different processes, maybe different machines. There is no shared memory.
  2. Their session data structures are totally different.
  3. The serialization is not compatible.
  4. Different cookie flavors, "PHPSESSID" vs. "JSESSIONID".

You pretty much have to do session management yourself to share sessions. It's pretty complicated. Following are the components you have to write,

  1. Setup a common session store, like a DB or memcached. The session is stored as big blob.
  2. Design a common session data structures. I just use name-values pairs. The same name must be used on both systems and the values must be string (UTF-8).
  3. Use a common serialization. I would go with PHP's session_encode(), which is fairly easy to handle on Java.
  4. Handle your own session cookie.
ZZ Coder
#3, you could serialize your session object with json_en/decode() on both systems.
Lance Rushing