axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j...@apache.org
Subject [jira] Reopened: (AXIS-1059) Cookies management broken in HTTP transport
Date Sun, 11 Apr 2004 15:14:43 GMT
Message:

   The following issue has been reopened.

   Reopener: Davanum Srinivas
       Date: Sun, 11 Apr 2004 8:13 AM

reopen
---------------------------------------------------------------------
View the issue:
  http://issues.apache.org/jira/browse/AXIS-1059

Here is an overview of the issue:
---------------------------------------------------------------------
        Key: AXIS-1059
    Summary: Cookies management broken in HTTP transport
       Type: Bug

     Status: Reopened

    Project: Axis
 Components: 
             Basic Architecture
   Versions:
             1.1

   Assignee: 
   Reporter: Charles-Edouard Ruault

    Created: Thu, 11 Sep 2003 4:41 PM
    Updated: Sun, 11 Apr 2004 8:13 AM
Environment: Operating System: Other
Platform: All

Description:
HTTPSender is designed to handle only one "set-cookie" header and therefore,
when a server sends more than one cookie ( which is common ), only the last one
is remembered.
I'm attaching a small patch that fixes this issue ( but more work would be
nedded to properly handle cookies , see TODO tags ).

--- axis-1_1/src/org/apache/axis/transport/http/HTTPSender.java 2003-09-11
17:36:50.000000000 +0200
+++ test/org/apache/axis/transport/http/HTTPSender.java 2003-09-11
18:25:47.000000000 +0200
@@ -78,6 +78,7 @@
 import java.net.Socket;^M
 import java.net.URL;^M
 import java.util.Hashtable;^M
+import java.util.Vector;^M
 ^M
 /**^M
  * This is meant to be used on a SOAP Client to call a SOAP server.^M
@@ -88,7 +89,8 @@
 public class HTTPSender extends BasicHandler {^M
 ^M
     protected static Log log = LogFactory.getLog(HTTPSender.class.getName());^M
-^M
+       protected static final String
HTTP_SET_COOKIE_HEADER_LC=HTTPConstants.HEADER_SET_COOKIE.toLowerCase();^M
+       ^M
     /**^M
      * invoke creates a socket connection, sends the request SOAP message and
then^M
      * reads the response SOAP message back from the SOAP server^M
@@ -220,12 +222,23 @@
         // don't forget the cookies!^M
         // mmm... cookies^M
         if (msgContext.getMaintainSession()) {^M
-            String cookie = msgContext.getStrProp(HTTPConstants.HEADER_COOKIE);^M
+            Vector cookies =
(Vector)msgContext.getProperty(HTTPConstants.HEADER_COOKIE);^M
             String cookie2 = msgContext.getStrProp(HTTPConstants.HEADER_COOKIE2);^M
-^M
-            if (cookie != null) {^M
-                otherHeaders.append(HTTPConstants.HEADER_COOKIE).append(": ")^M
+                       String cookie;^M
+                       ^M
+            if (cookies != null) ^M
+            {^M
+               //Process all cookies. Add one Cookie Header per cookie.^M
+               for (int i=0; i<cookies.size(); i++)^M
+               {^M
+                       /**^M
+                        * TODO : we should send only cookies that have not
expired^M
+                        * and that are matching the current URI.^M
+                        */^M
+                       cookie=(String)cookies.elementAt(i);                    ^M
+                      
otherHeaders.append(HTTPConstants.HEADER_COOKIE).append(": ")^M
                         .append(cookie).append("\r\n");^M
+               }^M
             }^M
             if (cookie2 != null) {^M
                 otherHeaders.append(HTTPConstants.HEADER_COOKIE2).append(": ")^M
@@ -566,8 +579,23 @@
                     msgContext.setProperty(HTTPConstants.MC_HTTP_STATUS_MESSAGE,^M
                             name.substring(start + end + 1));^M
                 } else {^M
-                    headers.put(name.toLowerCase(), value);^M
-                   System.out.println("Got Header : "+name+"="+value);^M
+                       name=name.toLowerCase();^M
+                       //Check for Set-Cookie special case^M
+                       if (name.equals(HTTP_SET_COOKIE_HEADER_LC))^M
+                       {^M
+                               //An HTTP response can contain multiple
Set-Cookie headers,^M
+                               //Make sure we preserve all of them^M
+                               Vector
cookies=(Vector)headers.get(HTTP_SET_COOKIE_HEADER_LC);^M
+                               if (cookies==null)^M
+                               {^M
+                                       cookies=new Vector();^M
+                                       headers.put(HTTP_SET_COOKIE_HEADER_LC,
cookies);^M
+                               }^M
+                               cookies.add(value);^M
+                                               log.debug("Retrieved Cookie :
"+value);^M
+                       }^M
+                       else^M
+                       headers.put(name, value);                   ^M
                 }^M
                 len = 0;^M
             }^M
@@ -699,17 +727,24 @@
                              Hashtable headers, MessageContext msgContext) {^M
 ^M
         if (headers.containsKey(setCookieName.toLowerCase())) {^M
-            String cookie = (String) headers.get(setCookieName.toLowerCase());^M
-           System.out.println("HandleCookie "+cookie);^M
-            cookie = cookie.trim();^M
-^M
-            // chop after first ; a la Apache SOAP (see HTTPUtils.java there)^M
-            int index = cookie.indexOf(';');^M
-^M
-            if (index != -1) {^M
-                cookie = cookie.substring(0, index);^M
-            }^M
-            msgContext.setProperty(cookieName, cookie);^M
+            Vector cookies = (Vector) headers.get(setCookieName.toLowerCase());^M
+               ^M
+               for (int i=0; i<cookies.size(); i++)^M
+               {^M
+                   String cookie = ((String)cookies.elementAt(i)).trim();     
                        ^M
+               // chop after first ; a la Apache SOAP (see HTTPUtils.java there)^M
+               int index = cookie.indexOf(';');^M
+               if (index != -1) ^M
+               {^M
+                       /**                     ^M
+                        * TODO: improve processing. ^M
+                        * We should also keep track of the path, expiration
date and secure flags.^M
+                        */^M
+                       cookie = cookie.substring(0, index);^M
+                       cookies.set(i, cookie);^M
+               }               ^M
+               }^M
+                       msgContext.setProperty(cookieName, cookies);^M
         }^M
     }^M
 }^M
--- axis-1_1/src/org/apache/axis/transport/http/HTTPTransport.java     
2003-06-13 16:46:48.000000000 +0200
+++ test/org/apache/axis/transport/http/HTTPTransport.java      2003-09-11
18:07:24.000000000 +0200
@@ -55,6 +55,8 @@
 ^M
 package org.apache.axis.transport.http;^M
 ^M
+import java.util.Vector;^M
+^M
 import org.apache.axis.AxisEngine;^M
 import org.apache.axis.AxisFault;^M
 import org.apache.axis.MessageContext;^M
@@ -80,7 +82,7 @@
      */^M
     public static final String URL = MessageContext.TRANS_URL;^M
 ^M
-    private String cookie;^M
+    private Vector cookies;^M
     private String cookie2;^M
     private String action;^M
     ^M
@@ -116,8 +118,8 @@
         }^M
 ^M
         // Set up any cookies we know about^M
-        if (cookie != null)^M
-            mc.setProperty(HTTPConstants.HEADER_COOKIE, cookie);^M
+        if (cookies!= null)^M
+            mc.setProperty(HTTPConstants.HEADER_COOKIE, cookies);^M
         if (cookie2 != null)^M
             mc.setProperty(HTTPConstants.HEADER_COOKIE2, cookie2);^M
 ^M
@@ -130,7 +132,7 @@
     }^M
 ^M
     public void processReturnedMessageContext(MessageContext context) {^M
-        cookie = context.getStrProp(HTTPConstants.HEADER_COOKIE);^M
+        cookies = (Vector)context.getProperty(HTTPConstants.HEADER_COOKIE);^M
         cookie2 = context.getStrProp(HTTPConstants.HEADER_COOKIE2);^M
     }^M
 }^M


---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.

If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa

If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


Mime
View raw message