"Christopher Schultz" <ch...@christopherschultz.net> wrote in message news:4aa12265.3020...@christopherschultz.net... > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Bill, > > On 9/3/2009 10:47 PM, Bill Barker wrote: >> "Christopher Schultz" <ch...@christopherschultz.net> wrote in message >> news:4aa03ca3.4010...@christopherschultz.net... >> Muthu, >> >> On 9/3/2009 11:17 AM, muthu.chan...@sectra.se wrote: >>>>> I am using tomcat 5.5 and just wanted to write a simple servlet to >>>>> get >>>>> some information using StandardManager such as activeSessions, >>>>> expriedSessions, sessionCounter etc.. I am not that familiar with >>>>> these >>>>> classes. I noticed when the request comes into my servlet it comes as >>>>> RequestFacade where the org.apache.catalina.connector.Request is >>>>> wrapped >>>>> inside it. I haven't figured out how to unwrap the Request object so >>>>> that >>>>> I can get the Context from which I can get the Manager >>>>> (StandardManager) >>>>> to access the information I need. Any help with a snippet of code to >>>>> get >>>>> the Request Object from RequestFacade will be appreciated. >> >> Maybe try something like this: >> >> public class SneekyRequestFacade >> extends RequestFacade >> { >> public SneekyRequestFacade() { super(null); } >> >> public Request getRequest(RequestFacade rf) >> { >> return rf.request; >> } >> } >> >> Now: >> >> RequestFacade rf = ...; // get your requestfacade >> Request req = new SneekyRequestFacade().getRequest(rf); >> >> I think that ought to do it. Isn't OO abuse great? >> >> >>> It is great ;). But you save a couple of lines by just doing straight >>> introspection. > > I had thought about that, but I thought the JVM prevented code from > getting-around access privileges by using introspection. Or is that only > when a SecurityManager is running? >
No, without a SecurityManager, you can do pretty much anything with introspection by at most calling field.setAccessible(true). This is how the WebappClassLoader nulls out static fields when you undeploy a webapp. It's also a big part of the reason that the server ClassLoader went away by default, since it didn't really stop anyone from accessing Tomcat core classes. > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkqhImUACgkQ9CaO5/Lv0PDVkgCaA9UWhDHNXKdfN2mSPZN1lauK > Z3oAnRphaMCX6vkmjvLH+t/tmUIxp52m > =qxEb > -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
