cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Hagar (JIRA)" <j...@apache.org>
Subject [jira] Commented: (CXF-3112) Further problem with cookies in Jax-RS (similar to closed issue 3035)
Date Sat, 06 Nov 2010 23:24:23 GMT

    [ https://issues.apache.org/jira/browse/CXF-3112?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12929276#action_12929276
] 

David Hagar commented on CXF-3112:
----------------------------------

I've gotten the CXF source running, and created a simple unit test that sets the two cookies
(JSESSIONID and SPRING_SECURITY_REMEMBER_ME_COOKIE) with the exact values that gave me trouble
in my live environment. However, I quickly ran into different behavior (maybe because I checked
out the latest source? maybe because of the unit test environment?), which I believe is still
wrong.

In the AbstractClient#setResponseBuilder method when executed via the unit tests my two cookies
are fetched as a single value, so 

entry.getValue().size() == 1 (and I did double check in my live environment that I hadn't
been hallucinating the size being two)
and entry.getValue() == "JSESSIONID=0475F7F30A26E5B0C15DF5B3489AE569; Path=/userservice,SPRING_SECURITY_REMEMBER_ME_COOKIE=MktUaGkrVXZjQ09RRzdleFl1QUpEZz09OlcxemFySE5jQTlMcVAyeENva28vRmc9PQ;
Expires=Sat, 20-Nov-2010 19:11:32 GMT; Path=/userservice Expires=Thu, 01-Oct-2020 23:44:22
GMT; Path=/"

Because they are collapsed into a single value, the cookies are not split at all, and the
response returns a single cookie.

While this behavior is better than that described above of returning three cookies, it still
seems sub-optimal. 

In JAXRSClientServerBookTest, I added: 
    @Test
    public void testSetTwoCookieWebClient() throws Exception {
        WebClient client = WebClient.create("http://localhost:" + PORT + "/bookstore/settwocookies");
        Response r = client.type("*/*").get();
        assertEquals(200, r.getStatus());
        List<Object> cookies = r.getMetadata().get("Set-Cookie");
        assertNotNull(cookies);
        assertEquals(2, cookies.size());
    }

In BookStore.java, I added:

    @GET
    @Path("settwocookies")
    public Response setTwoCookies() {
        return Response.ok().header("Set-Cookie","JSESSIONID=0475F7F30A26E5B0C15DF5B3489AE569;
Path=/userservice")
        							.header("Set-Cookie", 
                                        "SPRING_SECURITY_REMEMBER_ME_COOKIE=MktUaGkrVXZjQ09RRzdleFl1QUpEZz09Olcxem"

        								+ "FySE5jQTlMcVAyeENva28vRmc9PQ; Expires=Sat, 20-Nov-2010 19:11:32 GMT; Path=/userservice"
                                        + " Expires=Thu, 01-Oct-2020 23:44:22 GMT; Path=/")
                                    .build();
    }

> Further problem with cookies in Jax-RS (similar to closed issue 3035)
> ---------------------------------------------------------------------
>
>                 Key: CXF-3112
>                 URL: https://issues.apache.org/jira/browse/CXF-3112
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS
>    Affects Versions: 2.3.0, 2.2.11
>            Reporter: David Hagar
>
> Prior to version 2.2.11, multiple cookies were not handled properly by the method org.apache.cxf.jaxrs.client.AbstractClient#setResponseBuilder(HttpURLConnection,
Exchange) -- this was resolved for some cookies, but it still breaks for others. Specifically,
any cookie that contains an "Expires" field now gets split into two objects by the aforementioned
method. 
> For example, if the header is:
> Set-Cookie: com.wm.visitor=10789493347; Domain=.walmart.com; Expires=Thu, 01-Oct-2020
23:44:22 GMT; Path=/
> Then response.getMetadata().get("Set-Cookie"); will return an array of length 2, with
values = {" com.wm.visitor=10789493347; Domain=.walmart.com; Expires=Thu", "01-Oct-2020 23:44:22
GMT; Path=/"
> I'm pretty sure this is a conflict of the code looking for date related headers conflicting
with the code looking for cookie related headers. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message