tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stuart Roebuck <stuart.roeb...@adolos.co.uk>
Subject [4.0.1+][PATCH] http10/HttpProcessor.java - lost cookies bug
Date Fri, 07 Dec 2001 13:33:07 GMT
I've been loosing cookies running Cocoon under Tomcat 4 and have tracked 
the problem down to the HTTP 1.0 Processor class.

The current code throws away any cookies after the first session id is 
found.

Here's a patch which aught to work:

> Index: 
> catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.java
> ===================================================================
> RCS file: /home/cvspublic/jakarta-
> tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java,v
> retrieving revision 1.5
> diff -u -r1.5 HttpProcessor.java
> --- catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java	2001/11/09 19:38:44	1.5
> +++ catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java	2001/12/07 13:03:26
> @@ -464,16 +464,16 @@
>                  for (int i = 0; i < cookies.length; i++) {
>                      if (cookies[i].getName().equals
>                          (Globals.SESSION_COOKIE_NAME)) {
> -
> -                        // Override anything requested in the URL
> -                        
> request.setRequestedSessionId(cookies[i].getValue());
> -                        request.setRequestedSessionCookie(true);
> -                        request.setRequestedSessionURL(false);
> -                        if (debug >= 1)
> -                          log(" Requested cookie session id is " +
> -                              ((HttpServletRequest) 
> request.getRequest()).getRequestedSessionId());
> -                        break;  // Accept only the first session id value
> -
> +                        // If there is more than one session id cookie, 
> only use the first one.
> +                        if (!request.isRequestedSessionIdFromCookie()   
>                     ) {
> +                            // Override anything requested in the URL
> +                            
> request.setRequestedSessionId(cookies[i].getValue());
> +                            request.setRequestedSessionCookie(true);
> +                            request.setRequestedSessionURL(false);
> +                            if (debug >= 1)
> +                            log(" Requested cookie session id is " +
> +                                ((HttpServletRequest) request.getRequest(
> )).getRequestedSessionId());
> +                        }
>                      }
>                      request.addCookie(cookies[i]);
>                  }


Mime
View raw message