I would like to customize the default session behaviour by doing the following:
1. Customized Session Id
I want to generate my own id (mostly as a cookie, I don't think I'd like to encourage URL rewriting).
This id will be signed as to prevent any tampering, using a secret token message digest.
2. Database storage
I'd like the session id and corresponding name/value pairs to be stored in a backend database, rather than in the container memory (except perhaps for some sort of caching).
So, now I'm unsure about the best way to proceed
1) Filters ?
I've been looking into filters to accomplish. Read some articles that show something like what I need, but there's a lot of coding involved. I'd really like to adhere to the KISS principle here.
2) Replacing ActionServlet, Wrapping Response/Request/Session objects Looks like a possibility, I've yet to get a picture of how this might work.
3) Custom Session Write my own classes that would substitue for req.GetSession.
I'd really appreciate your input on how you're approaching this issues with the experience you have.
Thanks in advance.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
