Mar 31st, 2008, 03:07 PM
Recreate session from URL in addition to cookies.
I'm grappling with a problem where I need to be able to pass the JESSIONID over a URL in addition to cookies. I'm trying to find out if this is possible with Acegi.
Here is my problem. I am using SWFUpload (http://swfupload.org/) in my Spring application to handle uploading files. It turns out that there is a bug in the flash player browser plugin where cookies are not sent if using a browser that is not Internet Explorer. See this link for details:
So in my case, an authenticated user accesses the file upload screen of my application. At this point, they have a valid session and there is a JSESSIONID cookie stored. When the user attempts to upload a file, the resulting page is the login screen. No cookie was sent along with the POST.
Who knows whether or not Adobe will ever fix this. The current workaround people are using is to add the SessionID as a parameter in the POST of the SWF object.
Is it possible to configure Acegi to discover the Session ID from the URL if a cookie does not exist?
Are there other ways to work around this type of problem?
Thanks so much for any help!