tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 24254] New: - getRequestedSessionId contradicts servlet spec
Date Thu, 30 Oct 2003 15:40:15 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24254>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24254

getRequestedSessionId contradicts servlet spec

           Summary: getRequestedSessionId contradicts servlet spec
           Product: Tomcat 4
           Version: 4.1.27
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: Other
         Component: Servlet & JSP API
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: cbraun@novell.com


When calling getRequestedSessionId I expect null to be returned when a client 
does not specify a jsessionid via cookie or URL.  This is not the result with 
Tomcat 4.1.27.  The first visit to a site when no jsessionid is provided 
should cause this method to return null per the javadoc.  

The 2.3 javadoc is quite ambiguous but servlet 2.4 clarifies the expectation:

"Returns the session ID specified by the client. This may not be the same as
the ID of the current valid session for this request. If the client did not 
specify a session ID, this method returns null."

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message