Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 417B810771 for ; Fri, 12 Jul 2013 09:53:04 +0000 (UTC) Received: (qmail 77485 invoked by uid 500); 12 Jul 2013 09:53:00 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 77441 invoked by uid 500); 12 Jul 2013 09:53:00 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 77432 invoked by uid 99); 12 Jul 2013 09:53:00 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 12 Jul 2013 09:53:00 +0000 X-ASF-Spam-Status: No, hits=-0.5 required=5.0 tests=FREEMAIL_ENVFROM_END_DIGIT,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of fsommer0815@googlemail.com designates 209.85.212.174 as permitted sender) Received: from [209.85.212.174] (HELO mail-wi0-f174.google.com) (209.85.212.174) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 12 Jul 2013 09:52:53 +0000 Received: by mail-wi0-f174.google.com with SMTP id k10so462520wiv.7 for ; Fri, 12 Jul 2013 02:52:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=from:content-type:content-transfer-encoding:subject:date:message-id :to:mime-version:x-mailer; bh=CTon2xMkJBKIZP/koVWYyh0kfmAW6Y/vINJDHpUnT6Q=; b=UOW1HN3NgC/cQlmfUJlOinFPaBvhwmz3BGPr5TNI/wBcrVakpR+e8KvDBJ9W57Bd+A 5i/cQUZJAlHQNErGWFqEiTt2DQ2Msm6g1SkoJHvVEuwkserMo7IuvvdtFpXumrmVOKK4 zYxlVSRSJFduFIfcl3o1a9i09PW8ygwiTerpfwQdcxjjV4ZsCl+lnxhCBNHlJn6Bje1c 5nSQZlknKbB7U8fjuKneH74WIJt78taADG5a8HW1Ahpk2+23Q7tN4eUrNCaUuRDoTb9+ 4yTvozm0Oz+yBdrUrFiiWFQPpYUwE3d7T22uB1/sXdySzZF0KcCFIYqQltTRFx3d58fR 7a+g== X-Received: by 10.180.80.6 with SMTP id n6mr1140611wix.59.1373622753555; Fri, 12 Jul 2013 02:52:33 -0700 (PDT) Received: from [192.168.1.205] (ip-176-198-115-220.unitymediagroup.de. [176.198.115.220]) by mx.google.com with ESMTPSA id fb2sm2250626wic.4.2013.07.12.02.52.32 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 12 Jul 2013 02:52:32 -0700 (PDT) From: Frank Sommer Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: Tomcat 6.0.33 trailing slash redirect looses jsessionid attribute Date: Fri, 12 Jul 2013 11:52:31 +0200 Message-Id: <34EAB656-19AC-4403-8044-B53C4A335BAE@googlemail.com> To: users@tomcat.apache.org Mime-Version: 1.0 (Apple Message framework v1283) X-Mailer: Apple Mail (2.1283) X-Virus-Checked: Checked by ClamAV on apache.org Hello, I'm using URL rewriting and recently upgraded my tomcat version from = 6.0.32 to 6.0.33. I figured out that since 6.0.33 the jsessionid = attribute is omitted in the Location header when Tomcat forces a = trailing slash redirect e.g. from /mypath to /mypath/. The effect is that the session information is lost after the redirect. This pretty looks like the same as an old bug 'Bug 34749' = (https://issues.apache.org/bugzilla/show_bug.cgi?id=3D34749) in Tomcat = 5.=20 I also noticed that since 6.0.33 the jsessionid attribute is present in = the request URI now. Maybe this change caused the different behaviour = regarding the redirect.=20 Does anybody run into the same trouble and would you recommend to create = a bug report respectively? Kind Regards, Frank Sample requests using curl: ############## Tomcat 6.0.33 (the same with > 6.0.33) without trailing slash -- Location Header does no longer contain the = jsessionid.=20 ############## curl -Lv = "http://localhost:8080/jsessionid-issue;jsessionid=3DB6F1C24E3F4CEDEDC74B8= 258B2603C3D?p1=3D1" * About to connect() to localhost port 8080 (#0) * Trying ::1... * connected * Connected to localhost (::1) port 8080 (#0) > GET /jsessionid-issue;jsessionid=3DB6F1C24E3F4CEDEDC74B8258B2603C3D?p1=3D= 1 HTTP/1.1 > User-Agent: curl/7.28.0 > Host: localhost:8080 > Accept: */* >=20 < HTTP/1.1 302 Moved Temporarily < Server: Apache-Coyote/1.1 < Location: http://localhost:8080/jsessionid-issue/?p1=3D1 < Transfer-Encoding: chunked < Date: Fri, 12 Jul 2013 09:04:56 GMT <=20 * Ignoring the response-body * Connection #0 to host localhost left intact * Issue another request to this URL: = 'http://localhost:8080/jsessionid-issue/?p1=3D1' * Re-using existing connection! (#0) with host localhost * Connected to localhost (::1) port 8080 (#0) > GET /jsessionid-issue/?p1=3D1 HTTP/1.1 > User-Agent: curl/7.28.0 > Host: localhost:8080 > Accept: */* >=20 < HTTP/1.1 200 OK < Server: Apache-Coyote/1.1 < Content-Type: text/html;charset=3Dutf-8 < Content-Length: 189 < Date: Fri, 12 Jul 2013 09:04:56 GMT <=20 http session is null getRequestURI: /jsessionid-issue/ getRequestedSessionId: null isRequestedSessionIdFromURL: false isRequestedSessionIdValid: false * Connection #0 to host localhost left intact * Closing connection #0 ############## ############## Tomcat 6.0.33 with trailing slash -- no 302 redirect; jsessionid is taken into = account; everything is fine ############## curl -Lv = "http://localhost:8080/jsessionid-issue/;jsessionid=3DB6F1C24E3F4CEDEDC74B= 8258B2603C3D?p1=3D1" * About to connect() to localhost port 8080 (#0) * Trying ::1... * connected * Connected to localhost (::1) port 8080 (#0) > GET = /jsessionid-issue/;jsessionid=3DB6F1C24E3F4CEDEDC74B8258B2603C3D?p1=3D1 = HTTP/1.1 > User-Agent: curl/7.28.0 > Host: localhost:8080 > Accept: */* >=20 < HTTP/1.1 200 OK < Server: Apache-Coyote/1.1 < Content-Type: text/html;charset=3Dutf-8 < Content-Length: 285 < Date: Fri, 12 Jul 2013 09:06:55 GMT <=20 http session: B6F1C24E3F4CEDEDC74B8258B2603C3D getRequestURI: = /jsessionid-issue/;jsessionid=3DB6F1C24E3F4CEDEDC74B8258B2603C3D getRequestedSessionId: B6F1C24E3F4CEDEDC74B8258B2603C3D isRequestedSessionIdFromURL: true isRequestedSessionIdValid: true * Connection #0 to host localhost left intact * Closing connection #0 ############## ############## Tomcat 6.0.32 without trailing slash -- Location Header is fine.=20 ############## curl -Lv = "http://localhost:8080/jsessionid-issue;jsessionid=3DA91B10DC0B528E311CF35= C877B79D144?p1=3D1" * About to connect() to localhost port 8080 (#0) * Trying ::1... * connected * Connected to localhost (::1) port 8080 (#0) > GET /jsessionid-issue;jsessionid=3DA91B10DC0B528E311CF35C877B79D144?p1=3D= 1 HTTP/1.1 > User-Agent: curl/7.28.0 > Host: localhost:8080 > Accept: */* >=20 < HTTP/1.1 302 Moved Temporarily < Server: Apache-Coyote/1.1 < Location: = http://localhost:8080/jsessionid-issue/;jsessionid=3DA91B10DC0B528E311CF35= C877B79D144?p1=3D1 < Transfer-Encoding: chunked < Date: Fri, 12 Jul 2013 09:01:21 GMT <=20 * Ignoring the response-body * Connection #0 to host localhost left intact * Issue another request to this URL: = 'http://localhost:8080/jsessionid-issue/;jsessionid=3DA91B10DC0B528E311CF3= 5C877B79D144?p1=3D1' * Re-using existing connection! (#0) with host localhost * Connected to localhost (::1) port 8080 (#0) > GET = /jsessionid-issue/;jsessionid=3DA91B10DC0B528E311CF35C877B79D144?p1=3D1 = HTTP/1.1 > User-Agent: curl/7.28.0 > Host: localhost:8080 > Accept: */* >=20 < HTTP/1.1 200 OK < Server: Apache-Coyote/1.1 < Content-Type: text/html;charset=3Dutf-8 < Content-Length: 241 < Date: Fri, 12 Jul 2013 09:01:21 GMT <=20 http session: A91B10DC0B528E311CF35C877B79D144 getRequestURI: /jsessionid-issue/ getRequestedSessionId: A91B10DC0B528E311CF35C877B79D144 isRequestedSessionIdFromURL: true isRequestedSessionIdValid: true * Connection #0 to host localhost left intact * Closing connection #0 ############## --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org