Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 12692 invoked from network); 23 Feb 2006 03:32:14 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 23 Feb 2006 03:32:14 -0000 Received: (qmail 52773 invoked by uid 500); 23 Feb 2006 03:32:08 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 52718 invoked by uid 500); 23 Feb 2006 03:32:07 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 52707 invoked by uid 500); 23 Feb 2006 03:32:07 -0000 Delivered-To: apmail-jakarta-tomcat-dev@jakarta.apache.org Received: (qmail 52704 invoked by uid 99); 23 Feb 2006 03:32:07 -0000 X-ASF-Spam-Status: No, hits=0.6 required=10.0 tests=NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [192.87.106.226] (HELO ajax.apache.org) (192.87.106.226) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Feb 2006 19:32:05 -0800 Received: by ajax.apache.org (Postfix, from userid 99) id 5F669DD; Thu, 23 Feb 2006 04:31:44 +0100 (CET) From: bugzilla@apache.org To: tomcat-dev@jakarta.apache.org Subject: DO NOT REPLY [Bug 38760] New: - path of JSESSIONID cookie (and possibly others) is passed through incorrectly Message-ID: X-Bugzilla-Reason: AssignedTo Date: Thu, 23 Feb 2006 04:31:44 +0100 (CET) X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG� RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND� INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=38760 Summary: path of JSESSIONID cookie (and possibly others) is passed through incorrectly Product: Tomcat 5 Version: 5.0.30 Platform: Other OS/Version: other Status: NEW Severity: major Priority: P2 Component: Catalina AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: brian.bonner@paraware.com If Apache is used as a proxy in front of tomcat using ProxyPass and ProxyPassreverse with a path different than the path specified in the context of the tomcat webapp, tomcat returns the cookie using the path associated with the context of the webapp instead of the initial request path as seen from the client. i.e. ProxyPass /test http://192.168.1.10/secured ProxyPassReverse /test http://192.168.1.10/secured In this case, the request is submitted to Apache web server as http://somedomain.com/test/index.html, ProxyPass translates this request to http://192.168.1.10/secured/index.html. if a cookie is placed on the request, it should be placed at: domain: somedomain.com path: /test However instead, tomcat places it at: domain: somedomain.com path: /secured When trying to login, Apache ends up logging a 408 error. I have not been able to trace through the code where the cookies are set inside Tomcat. If you set the ProxyPass, ProxyPassReverse to be the same path, this error does not occur, however this severely hinders the flexibility of the proxy. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org