tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Papillon <lea...@wanadoo.fr>
Subject Re: JSESSIONID problem.
Date Thu, 05 Feb 2004 00:41:43 GMT
You say both IE are sames but you seems to have two differents OS windows
XP(server 2003 ?) and windows 2000
You've a lot security problems with XP so with cookies too.
Try to set the security very low, accept all type of cookies temporaly to be
sure it's not a security's windows problem...

Papillon

> De : "Chugh, Sanjay" <schugh@filenet.com>
> Répondre à : "Tomcat Users List" <tomcat-user@jakarta.apache.org>
> Date : Wed, 4 Feb 2004 15:52:46 -0700
> À : "Tomcat Users List" <tomcat-user@jakarta.apache.org>
> Objet : JSESSIONID problem.
> 
> Thanks. I have changed the subject because it better reflects the
> problem after some analysis. Thanks to Papillon for suggesting to use
> burp proxy. However, now I am at a loss to explain the behaviour after
> analyzing the log from burp proxy.
> When I run IE on my box and target TomCat on my box, and I click on a
> link in my app which launches another window, the http header is:
> 
> ======================================================
> http://schughpc:8080  [10.32.2.41]
> ======================================================
> GET /Workplace/FormServlet?cmd=blank&context=form HTTP/1.0
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> application/vnd.ms-excel, application/vnd.ms-powerpoint,
> application/msword, application/x-shockwave-flash, */*
> Referer:
> http://localhost:8080/Workplace/properties/DocumentForm.jsp?policyObject
> StoreName=eForms&objectStoreName=eForms&vsId=%7B0A1D7877-B64B-4927-B698-
> 9642C6DB6B60%7D&windowId=56657&policyId=%7B14CBF1E8-606C-4D7F-AE88-54033
> 5681DD7%7D&returnUrl=http%3A%2F%2Flocalhost%3A8080%2FWorkplace%2FWcmBrow
> se.jsp%3FwindowId%3DmainWindow&id=%7B8121190B-BF94-454D-92EB-2262A3FD71D
> E%7D
> Accept-Language: en-us
> Proxy-Connection: Keep-Alive
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR
> 1.0.3705)
> Host: schughpc:8080
> 
> 
> ======================================================
> 
> Here you can see the JSESSIONID cookie is missing when it was present in
> all the headers grabbed by burp proxy prior to this one.
> 
> When I run IE on another machine but still target TomCat on my machine,
> the http header for the same request looks like:
> 
> ======================================================
> http://schughpc:8080  [10.32.2.41]
> ======================================================
> GET /Workplace/FormServlet?cmd=blank&context=form HTTP/1.0
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
> Referer:
> http://schughpc:8080/Workplace/properties/DocumentForm.jsp?policyObjectS
> toreName=eForms&objectStoreName=eForms&vsId=%7B0A1D7877-B64B-4927-B698-9
> 642C6DB6B60%7D&windowId=87588&policyId=%7B14CBF1E8-606C-4D7F-AE88-540335
> 681DD7%7D&returnUrl=http%3A%2F%2Fschughpc%3A8080%2FWorkplace%2FWcmBrowse
> .jsp%3FwindowId%3DmainWindow&id=%7B8121190B-BF94-454D-92EB-2262A3FD71DE%
> 7D
> Accept-Language: en-us
> Proxy-Connection: Keep-Alive
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR
> 1.0.3705)
> Host: schughpc:8080
> Cookie: JSESSIONID=68AF13A9B0FE3C8A200BDB594E753ECC
> 
> 
> ======================================================
> 
> You can see the cookie is present.
> The requests afterwards use this cookie and everything works fine.
> 
> However in the latter case (where the cookie is missing), the next
> request receives a new cookie and everything starts falling apart.
> 
> IE on both machine is set up identically.
> 
> If anyone knows or has any suggestions as to the problem, it would be
> much appreciated.
> 
> Thanks,
> 
> -- Sanjay
> 
> 
> -----Original Message-----
> From: Papillon [mailto:leakim@wanadoo.fr]
> Sent: Wednesday, February 04, 2004 2:02 PM
> To: Tomcat Users List
> Subject: Re: Is this a Tomcat problem? Someone please point me in
> theright direction to solve this problem...
> 
> 
> Try burp proxy (Thanks again Mr Yansheng Lin) to see differences. Your
> server have only one ip ? No NAT on your network ? WAN adress ? My
> problem is not the same but perhaps it can help you in research :
> http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg117526.htm
> l
> 
> Good luck ! 
> 
> 
> 
>> De : "Chugh, Sanjay" <schugh@filenet.com>
>> Répondre à : "Tomcat Users List" <tomcat-user@jakarta.apache.org>
> Date 
>> : Wed, 4 Feb 2004 12:43:40 -0700 À : "Tomcat Users List"
>> <tomcat-user@jakarta.apache.org> Objet : Is this a Tomcat problem?
>> Someone please point me in the right direction to solve this
>> problem...
>> 
>> I am part of a large team working on a java project with Tomcat. We
>> are using jdk1.3.1 and Tomcat 4.1.18. The problem is that the latest
>> build of our application has a problem on my machine. I've tracked it
>> down to what seems like a problem with the session. When code that
>> retreives information from the session is executed, it is not giving a
> 
>> valid result back. The part that I am having problem with is that it
>> is a problem only on my machine. In fact if I hit the Tomcat server on
> 
>> my machine from another machine on the network, then everything works
>> fine as well. The same is true if I hit the Tomcat server on my
>> machine from a virtual machine running also on my machine. It is only
>> when I run the application itself on my machine. I did just check one
>> other thing. That is I started IE on my machine but hit the tomcat
>> server on another physical machine. This time the application worked
>> fine on my machine. This is all very confusing, and I am at a loss to
>> explain what is is on my machine or my tomcat server that is causing a
> 
>> problem.
>> 
>> I've compared the different machine configuration (they are all pretty
> 
>> similar). The Internet Explore options on all the machines are
>> identical.
>> 
>> I would apreciate any ideas someone might have to offer.
>> 
>> Thanks,
>> 
>> 
>> -- Sanjay
>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message