tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "SERENNE,PHILIPPE (Non-HP-France,ex2)" <philippe_sere...@non.hp.com>
Subject Bug in tomcat 3.2.1
Date Fri, 09 Mar 2001 11:53:23 GMT

I would like to report 2 problems noticed in the behavior and n the source
code for tomcat3.2.1

These problems concern the session management.

-1-
When cookies are used, the domain is not set in the cookie :
SessionInterceptor class :
public int beforeBody( Request rrequest, Response response ) {
    	...

	Cookie cookie = new Cookie("JSESSIONID",
				   reqSessionId);
    	cookie.setMaxAge(-1);
        cookie.setPath(sessionPath);
    	cookie.setVersion(1);
	
	response.addHeader( CookieTools.getCookieHeaderName(cookie),
			    CookieTools.getCookieHeaderValue(cookie));
    	cookie.setVersion(0);
	response.addHeader( CookieTools.getCookieHeaderName(cookie),
			    CookieTools.getCookieHeaderValue(cookie));
	
    	return 0;
    }
And in addition there is no way to configure the doamin from configuration
files that is 
an important feature !

-2-
When using URL rewriting, it doesn't work :
String sig=";jsessionid=";
	int foundAt=-1;
	if( debug>0 ) cm.log(" XXX RURI=" + request.getRequestURI());

	if ((foundAt=request.getRequestURI().indexOf(sig))!=-1){
	
sessionId=request.getRequestURI().substring(foundAt+sig.length());
	    // rewrite URL, do I need to do anything more?
	    request.setRequestURI(request.getRequestURI().substring(0,
foundAt));
	    sessionId=validateSessionId(request, sessionId);
	    if (sessionId!=null){
		request.setRequestedSessionIdFromURL(true);
	    }
	}
	return 0;
As the request.getRequestURI() doesn't return the query String
use instead 
	if ((foundAt=request.getQueryString()).indexOf(sig))!=-1){ ??

I hope this may help..
regards
filou


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, email: tomcat-dev-help@jakarta.apache.org


Mime
View raw message