Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 1.2.0.Beta10
Affects Version/s: 1.2.0.Beta8
Component/s: Servlet
Labels:
None

Steps to Reproduce:

Hide

Small web app for testing available at https://github.com/lbtc-xxx/jsessionid . how to use:

1. git clone
2. mvn clean package
3. deploy
4. access http://localhost:8080/jsessionid-1.0-SNAPSHOT/test . firebug would be useful

Show
Small web app for testing available at https://github.com/lbtc-xxx/jsessionid . how to use: 1. git clone 2. mvn clean package 3. deploy 4. access http://localhost:8080/jsessionid-1.0-SNAPSHOT/test . firebug would be useful
Forum Reference:
https://developer.jboss.org/thread/251459
Git Pull Request:
https://github.com/undertow-io/undertow/pull/287, https://github.com/wildfly/wildfly/pull/7197

Description

I guess 2 problems here:

1. When isRequestedSessionIdFromCookie() is invoked inside encodeURL(), it returns always true while no session cookies in a request.

After application invokes HttpServletRequest#getSession(), SessionCookieConfig#setSessionId() creates a cookie and set it to HttpServerExchange instance. but it sets both of response and request of HttpServerExchange instance using setResponseCookie() and getRequestCookies().put(). I guess that getRequestCookies().put() is should NOT be invoked because isRequestedSessionIdFromCookie() uses getRequestCookies() to check where a cookie come from.

2. SessionCookieConfigImpl#rewriteUrl() doesn't care fallback.

It simply returns the original URL. it should do that check whether JSESSIONID is available in cookie then if not available append JSESSIONID to URL and return, when if "fallback" is available.

Attachments

Activity

People

Assignee:: Stuart Douglas

Reporter:: Kohei Nozaki (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2015/02/25 5:11 AM

Updated:: 2015/03/08 6:39 PM

Resolved:: 2015/03/08 6:39 PM