tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <Craig.McClana...@eng.sun.com>
Subject Re: FW: sessionID within URL and loadbalance (was: WAP and sessionIDs)
Date Thu, 16 Nov 2000 23:12:14 GMT
Shai,

Your suggested bugfix is in my stack of changes that I'm going through
at the moment.  I don't expect to run into any problems with it, and
plan to incorporate it into post-beta7.  I will definitely let you know
if I have any questions.

Thanks for submitting the patch!

Craig


shai@brm.com wrote:

> Hi,
>
> This is my fix to all the WAP question going around lately.
>
> I have sent last week interceptor that is doing the same
> (URLSeessionInterceptor) and you replied that it will be add it to
> sources after b7.
>
> This is better way to solve the problem of URL embedded sessionIDs and
> no-cookie browsers (WAP).
>
> Please let me know whether you are going to include that in tomcat
> 3.2.
>
> (this fix bug #328)
>
> TIA.
>
> --Shai
>
> -----Original Message-----
> From: Shai Fultheim (BRM IL)
> Sent: Thursday, November 16, 2000 01:03
> To: 'tomcat-dev@jakarta.apache.org'
> Cc: 'Craig R. McClanahan'
> Subject: sessionID within URL and loadbalance (was: WAP and
> sessionIDs)
> Importance: High
>
> Hi all,
>
> The patch below fix a bug that didn’t let tomcat to run in loadbalance
> configuration, while having the session managed only in URL.
>
> The mail problem with load balancing is that the jvmRoute param (which
> is the tomcat name as known from apache side) must be added to the
> session (ie. Assuming the sessionid was ‘xxx’ it have to be changed to
> ‘xxx.t1’ assuming that t1 is the name of that tomcat instance).
>
> Now, tomcat handle jvmRoute at his side by adding that parameter to
> the jsessionid cookie. THIS IS A BUG, since encode URL still use the
> original sessionID (without the ‘.jvmRoute’).
>
> In order to fix that sessionID must be changed so it contains jvmRoute
> (assuming we have it). Please see the code fix below.
>
> Please approve this (and merge with the code ASAP), since cellular
> phones, which use WAP (and does not support cookies) can’t work with
> loadbalnce configuration of apache+tomcat.
>
> Thanks in advance.
>
> --Shai Fultheim.
>
> ________________________
>
> Shai Fultheim
>
> Chief Technology Officer
>
> BRM Seed
>
> E-Mail: shai@brm.com
>
> Mobile: 972-53-866-459
>
> Office: 972-2-5891-459
>
> Index: tomcat/request/SessionInterceptor.java
>
> ===================================================================
>
> RCS file:
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/request/SessionInterceptor.java,v
>
> retrieving revision 1.24.2.2
>
> diff -u -w -r1.24.2.2 SessionInterceptor.java
>
> --- tomcat/request/SessionInterceptor.java2000/11/11 02:07:021.24.2.2
>
> +++ tomcat/request/SessionInterceptor.java2000/11/15 22:44:05
>
> @@ -75,6 +75,7 @@
>
> * This implementation only handles Cookies sessions, please extend or
>
> * add new interceptors for other methods.
>
> *
>
> + * @author Shai Fultheim [shai@brm.com]Session contains jsIdent
>
> */
>
> public class SessionInterceptor extendsBaseInterceptor
>
> {
>
> @@ -112,8 +113,6 @@
>
> if ((foundAt=uri.indexOf(sig))!=-1){
>
> sessionId=uri.substring(foundAt+sig.length());
>
> -// I hope the optimizer does it's job:-)
>
> -sessionId = fixSessionId( request, sessionId );
>
> // rewrite URL, do I need to do anything more?
>
> request.setRequestURI(uri.substring(0, foundAt));
>
> @@ -126,24 +125,6 @@
>
> return 0;
>
> }
>
> -/** Fix the session id. If the session is not valid return null.
>
> -*It will also clean up the session from load-balancing strings.
>
> -* @return sessionId, or null if not valid
>
> -*/
>
> -private String fixSessionId(Request request, String sessionId){
>
> -// GS, We piggyback the JVM id on top of the session cookie
>
> -// Separate them ...
>
> -
>
> -if( debug>0 ) cm.log(" Orig sessionId" + sessionId );
>
> -if (null != sessionId) {
>
> -int idex = sessionId.lastIndexOf(SESSIONID_ROUTE_SEP);
>
> -if(idex > 0) {
>
> -sessionId = sessionId.substring(0, idex);
>
> -}
>
> -}
>
> -return sessionId;
>
> -}
>
> -
>
> public int beforeBody( Request rrequest, Response response ) {
>
> String reqSessionId = response.getSessionId();
>
> if( debug>0 ) cm.log("Before Body " + reqSessionId );
>
> @@ -159,11 +140,6 @@
>
> sessionPath = "/";
>
> }
>
> -// GS, piggyback the jvm route on the session id.
>
> -String jvmRoute = rrequest.getJvmRoute();
>
> -if(null != jvmRoute) {
>
> -reqSessionId = reqSessionId + SESSIONID_ROUTE_SEP + jvmRoute;
>
> -}
>
> Cookie cookie = new Cookie("JSESSIONID",
>
> reqSessionId);
>
> Index: tomcat/session/StandardManager.java
>
> ===================================================================
>
> RCS file:
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/session/Attic/StandardManager.java,v
>
> retrieving revision 1.11
>
> diff -u -w -r1.11 StandardManager.java
>
> --- tomcat/session/StandardManager.java2000/06/18 20:14:131.11
>
> +++ tomcat/session/StandardManager.java2000/11/15 22:44:06
>
> @@ -1,5 +1,5 @@
>
> /*
>
> - * $Header:
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/session/Attic/StandardManager.java,v
> 1.11 2000/06/18 20:14:13 jon Exp $
>
> + * $Header:
> /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/session/Attic/StandardManager.java,v
> 1.11 2000/06/18 20:14:13 jon Exp $
>
> * $Revision: 1.11 $
>
> * $Date: 2000/06/18 20:14:13 $
>
> *
>
> @@ -102,6 +102,7 @@
>
> * @author Craig R. McClanahan
>
> * @author costin@eng.sun.com
>
> * @author <a href="mailto:jon@latchkey.com">Jon S. Stevens</a>
>
> + * @author Shai Fultheim [shai@brm.com]Get jsIdent
>
> * @version $Revision: 1.11 $ $Date: 2000/06/18 20:14:13 $
>
> */
>
> public final class StandardManager implements Runnable{
>
> @@ -351,7 +352,7 @@
>
> * @exception IllegalStateException if a new session cannot be
>
> *instantiated for any reason
>
> */
>
> -public HttpSession getNewSession() {
>
> +public HttpSession getNewSession(String jsIdent) {
>
> if ((maxActiveSessions >= 0) &&
>
> (sessions.size() >= maxActiveSessions))
>
> @@ -375,7 +376,7 @@
>
> session.setValid(true);
>
> session.setCreationTime(System.currentTimeMillis());
>
> session.setMaxInactiveInterval(this.maxInactiveInterval);
>
> -session.setId(SessionUtil.generateSessionId());
>
> +session.setId(SessionUtil.generateSessionId(jsIdent));
>
> return (session);
>
> }
>
> Index: tomcat/session/StandardSessionInterceptor.java
>
> ===================================================================
>
> RCS file:
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/session/StandardSessionInterceptor.java,v
>
> retrieving revision 1.5.2.2
>
> diff -u -w -r1.5.2.2 StandardSessionInterceptor.java
>
> --- tomcat/session/StandardSessionInterceptor.java2000/11/15
> 04:19:191.5.2.2
>
> +++ tomcat/session/StandardSessionInterceptor.java2000/11/15 22:44:07
>
> @@ -85,7 +85,7 @@
>
> * session stuff ( cookie, rewrite, etc)
>
> *
>
> * @author costin@eng.sun.com
>
> - * @author hans@gefionsoftware.com (fixed it so that URL session ID
> is used)
>
> + * @author Shai Fultheim [shai@brm.com]Send jsIdent to new
> getNewSession
>
> */
>
> public final class StandardSessionInterceptorextends BaseInterceptor {
>
> int manager_note;
>
> @@ -145,7 +145,6 @@
>
> if (cookie.getName().equals("JSESSIONID")) {
>
> sessionId = cookie.getValue();
>
> -sessionId = fixSessionId( request, sessionId );
>
> if (debug > 0) log("Found session id cookie " + sessionId);
>
> request.setRequestedSessionId( sessionId );
>
> request.setSessionIdSource( Request.SESSIONID_FROM_COOKIE );
>
> @@ -174,7 +173,7 @@
>
> if( request.getSession( false ) != null )
>
> return 0; // somebody already set the session
>
> -HttpSession newS=sM.getNewSession();
>
> +HttpSession newS=sM.getNewSession(request.getJvmRoute());
>
> request.setSession( newS );
>
> return 0;
>
> }
>
> @@ -237,20 +236,6 @@
>
> } catch(IllegalStateException ex ) {
>
> throw new TomcatException( ex );
>
> }
>
> -}
>
> -
>
> -private String fixSessionId(Request request, String sessionId){
>
> -// GS, We piggyback the JVM id on top of the session cookie
>
> -// Separate them ...
>
> -
>
> -if( debug>0 ) cm.log(" Orig sessionId" + sessionId );
>
> -if (null != sessionId) {
>
> -int idex = sessionId.lastIndexOf(SESSIONID_ROUTE_SEP);
>
> -if(idex > 0) {
>
> -sessionId = sessionId.substring(0, idex);
>
> -}
>
> -}
>
> -return sessionId;
>
> }
>
> }
>
> Index: tomcat/util/SessionIdGenerator.java
>
> ===================================================================
>
> RCS file:
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/util/SessionIdGenerator.java,v
>
> retrieving revision 1.3.2.1
>
> diff -u -w -r1.3.2.1 SessionIdGenerator.java
>
> --- tomcat/util/SessionIdGenerator.java2000/08/23 20:23:161.3.2.1
>
> +++ tomcat/util/SessionIdGenerator.java2000/11/15 22:44:08
>
> @@ -1,5 +1,5 @@
>
> /*
>
> - * $Header:
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/util/SessionIdGenerator.java,v
> 1.3.2.1 2000/08/23 20:23:16 jiricka Exp $
>
> + * $Header:
> /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/SessionIdGenerator.java,v
> 1.3.2.1 2000/08/23 20:23:16 jiricka Exp $
>
> * $Revision: 1.3.2.1 $
>
> * $Date: 2000/08/23 20:23:16 $
>
> *
>
> @@ -76,6 +76,7 @@
>
> * @author James Duncan Davidson [duncan@eng.sun.com]
>
> * @author Jason Hunter [jhunter@acm.org]
>
> * @author Jon S. Stevens <a
> href="mailto:jon@latchkey.com">jon@latchkey.com</a>
>
> + * @author Shai Fultheim [shai@brm.com]Get jsIdent
>
> */
>
> public class SessionIdGenerator {
>
> @@ -172,7 +173,7 @@
>
> return sessionId.toString();
>
> }
>
> -public static synchronized String generateId() {
>
> -return getIdentifier(null);
>
> +public static synchronized String generateId(String jsIdent) {
>
> +return getIdentifier(jsIdent);
>
> }
>
> }
>
> Index: tomcat/util/SessionUtil.java
>
> ===================================================================
>
> RCS file:
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/SessionUtil.java,v
>
> retrieving revision 1.5.2.1
>
> diff -u -w -r1.5.2.1 SessionUtil.java
>
> --- tomcat/util/SessionUtil.java2000/08/25 23:01:151.5.2.1
>
> +++ tomcat/util/SessionUtil.java2000/11/15 22:44:09
>
> @@ -1,5 +1,5 @@
>
> /*
>
> - * $Header:
> /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/SessionUtil.java,v
> 1.5.2.1 2000/08/25 23:01:15 nacho Exp $
>
> + * $Header:
> /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/SessionUtil.java,v
> 1.5.2.1 2000/08/25 23:01:15 nacho Exp $
>
> * $Revision: 1.5.2.1 $
>
> * $Date: 2000/08/25 23:01:15 $
>
> *
>
> @@ -74,6 +74,7 @@
>
> * <code>Session</code> implementations.
>
> *
>
> * @author Craig R. McClanahan
>
> + * @author Shai Fultheim [shai@brm.com]Get jsIdent
>
> * @version $Revision: 1.5.2.1 $ $Date: 2000/08/25 23:01:15 $
>
> */
>
> @@ -175,8 +176,8 @@
>
> /**
>
> * Generate and return a new session identifier.
>
> */
>
> -public static String generateSessionId() {
>
> -return SessionIdGenerator.generateId();
>
> +public static String generateSessionId(String jsIdent) {
>
> +return SessionIdGenerator.generateId(jsIdent);
>
> }
>
> /**
>

Mime
View raw message