tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank Sommer <fsommer0...@googlemail.com>
Subject Tomcat 6.0.33 trailing slash redirect looses jsessionid attribute
Date Fri, 12 Jul 2013 09:52:31 GMT
Hello,

I'm using URL rewriting and recently upgraded my tomcat version from 6.0.32 to 6.0.33. I figured
out that since 6.0.33 the jsessionid attribute is omitted in the Location header when Tomcat
forces a trailing slash redirect e.g. from /mypath to /mypath/.
The effect is that the session information is lost after the redirect.

This pretty looks like the same as an old bug 'Bug 34749' (https://issues.apache.org/bugzilla/show_bug.cgi?id=34749)
in Tomcat 5. 

I also noticed that since 6.0.33 the jsessionid attribute is present in the request URI now.
Maybe this change caused the different behaviour regarding the redirect. 

Does anybody run into the same trouble and would you recommend to create a bug report respectively?

Kind Regards,
Frank


Sample requests using curl:

##############
Tomcat 6.0.33 (the same with > 6.0.33)
without trailing slash -- Location Header does no longer contain the jsessionid. 
##############
curl -Lv "http://localhost:8080/jsessionid-issue;jsessionid=B6F1C24E3F4CEDEDC74B8258B2603C3D?p1=1"
* About to connect() to localhost port 8080 (#0)
*   Trying ::1...
* connected
* Connected to localhost (::1) port 8080 (#0)
> GET /jsessionid-issue;jsessionid=B6F1C24E3F4CEDEDC74B8258B2603C3D?p1=1 HTTP/1.1
> User-Agent: curl/7.28.0
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 302 Moved Temporarily
< Server: Apache-Coyote/1.1
< Location: http://localhost:8080/jsessionid-issue/?p1=1
< Transfer-Encoding: chunked
< Date: Fri, 12 Jul 2013 09:04:56 GMT
< 
* Ignoring the response-body
* Connection #0 to host localhost left intact
* Issue another request to this URL: 'http://localhost:8080/jsessionid-issue/?p1=1'
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (::1) port 8080 (#0)
> GET /jsessionid-issue/?p1=1 HTTP/1.1
> User-Agent: curl/7.28.0
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< Content-Type: text/html;charset=utf-8
< Content-Length: 189
< Date: Fri, 12 Jul 2013 09:04:56 GMT
< 

<html>
<body>
http session is null
getRequestURI: /jsessionid-issue/
getRequestedSessionId: null
isRequestedSessionIdFromURL: false
isRequestedSessionIdValid: false
</body>
</html>
* Connection #0 to host localhost left intact
* Closing connection #0
##############


##############
Tomcat 6.0.33
with trailing slash -- no 302 redirect; jsessionid is taken into account; everything is fine
##############
curl -Lv "http://localhost:8080/jsessionid-issue/;jsessionid=B6F1C24E3F4CEDEDC74B8258B2603C3D?p1=1"
* About to connect() to localhost port 8080 (#0)
*   Trying ::1...
* connected
* Connected to localhost (::1) port 8080 (#0)
> GET /jsessionid-issue/;jsessionid=B6F1C24E3F4CEDEDC74B8258B2603C3D?p1=1 HTTP/1.1
> User-Agent: curl/7.28.0
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< Content-Type: text/html;charset=utf-8
< Content-Length: 285
< Date: Fri, 12 Jul 2013 09:06:55 GMT
< 

<html>
<body>
http session: B6F1C24E3F4CEDEDC74B8258B2603C3D
getRequestURI: /jsessionid-issue/;jsessionid=B6F1C24E3F4CEDEDC74B8258B2603C3D
getRequestedSessionId: B6F1C24E3F4CEDEDC74B8258B2603C3D
isRequestedSessionIdFromURL: true
isRequestedSessionIdValid: true
</body>
</html>
* Connection #0 to host localhost left intact
* Closing connection #0
##############



##############
Tomcat 6.0.32
without trailing slash -- Location Header is fine. 
##############
curl -Lv "http://localhost:8080/jsessionid-issue;jsessionid=A91B10DC0B528E311CF35C877B79D144?p1=1"
* About to connect() to localhost port 8080 (#0)
*   Trying ::1...
* connected
* Connected to localhost (::1) port 8080 (#0)
> GET /jsessionid-issue;jsessionid=A91B10DC0B528E311CF35C877B79D144?p1=1 HTTP/1.1
> User-Agent: curl/7.28.0
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 302 Moved Temporarily
< Server: Apache-Coyote/1.1
< Location: http://localhost:8080/jsessionid-issue/;jsessionid=A91B10DC0B528E311CF35C877B79D144?p1=1
< Transfer-Encoding: chunked
< Date: Fri, 12 Jul 2013 09:01:21 GMT
< 
* Ignoring the response-body
* Connection #0 to host localhost left intact
* Issue another request to this URL: 'http://localhost:8080/jsessionid-issue/;jsessionid=A91B10DC0B528E311CF35C877B79D144?p1=1'
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (::1) port 8080 (#0)
> GET /jsessionid-issue/;jsessionid=A91B10DC0B528E311CF35C877B79D144?p1=1 HTTP/1.1
> User-Agent: curl/7.28.0
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< Content-Type: text/html;charset=utf-8
< Content-Length: 241
< Date: Fri, 12 Jul 2013 09:01:21 GMT
< 

<html>
<body>
http session: A91B10DC0B528E311CF35C877B79D144
getRequestURI: /jsessionid-issue/
getRequestedSessionId: A91B10DC0B528E311CF35C877B79D144
isRequestedSessionIdFromURL: true
isRequestedSessionIdValid: true
</body>
</html>
* Connection #0 to host localhost left intact
* Closing connection #0
##############


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message