-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Markus,
Markus Reis wrote:
> I [set up a filter that emits stack traces] and finally found the
> problematic code (of course in the web application - in doGet/doPost
> of NewSessionServlet - and not in Tomcat/JBoss):
>
> [snip]
>
>while (params.ha
> Or use the same trick
>
> new Throwable("Oups").printStackTrace();
>
> inside your listener to not just write out session creations and
> destroys, but the code stack at that moment. Above Wrapper is nicer,
> using the same trick in your existing listener is simpler and faster.
I did that and
Christopher Schultz schrieb:
> Try this:
>
> Write a filter that wraps the HttpServletResponde object with an
> HttpServletResponseWrapper object that you customize. Override the
> addCookie method like this:
>
> public void addCookie(Cookie c)
> {
>super.addCookie(c);
>
>new Throwable("
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Markus,
Markus Reis wrote:
> I added a HttpSessionListener to my web.xml, which only makes a
> System.out.println("session created | destroyed") whenever one of those
> events occurs and found out that before NewSession Servlet (remember the url
>
> From: Markus Reis [mailto:[EMAIL PROTECTED]
> Subject: Re: RE: multiple Set-Cookie headers in initial http response
>
> I have the impression that this happens already before the
> webapp comes into play, because the HttpSessionListener
> implementation prints out thos
> Sounds like something in the webapp is invalidating the current session
> and creating a new one each time it processes a parameter. Perhaps code that
> should be executed once is incorrectly placed inside a loop?
I have the impression that this happens already before the webapp comes into
pla
> From: André Warnier [mailto:[EMAIL PROTECTED]
> Subject: Re: multiple Set-Cookie headers in initial http response
>
> Since you mention JBoss (which I don't know), is that still
> some kind of HTTP server front-end to Tomcat ?
JBoss is a full Java EE app server, using
> Since you mention JBoss (which I don't know), is that still some kind of
> HTTP server front-end to Tomcat ?
No (at least not AFAIK).
> I see that you are using port 48080 to access it.
> In your Tomcat "server.xml", is there a Connector with that same port
> number ?
Yes.
> It is a bit far
Markus Reis wrote:
[...]
> There are however three new observation results:
> (1) This also happens with GET requests (Previously I tested GET
requests only with an empty query string - sorry for that)
Well, if you keep on changing the conditions, we'll never get out of
this ;-)
> I have now
> Markus Reis wrote:
> [...]
> Further I found out that this happens only with an initial POST request
> - if I do the same via GET only one Set-Cookie header is returned (I
> wrote before that I was not able to reproduce those 900 Set-Cookie
> headers on my PC, but that was due to the fact that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Markus,
Markus Reis wrote:
> Yes, the RequestDumperValve also dumps the response - therefore I'm
> SURE that it is Tomcat that sends the 900 Set-Cookie headers and no
> other network component between client and server.
I second Andre's recommendatio
Markus Reis wrote:
[...]
Further I found out that this happens only with an initial POST request
- if I do the same via GET only one Set-Cookie header is returned (I
wrote before that I was not able to reproduce those 900 Set-Cookie
headers on my PC, but that was due to the fact that I sent the
> André Warnier wrote:
> > Markus Reis wrote:
> Our Tomcat 5.5 sends 30 cookie
> (cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod;
> domain=null; path=/)
> >>> Are they all identical?
> >>
> >> No. They are ALL different (and they also differ from response to
> >> response)
> Markus Reis wrote:
> >>> Our Tomcat 5.5 sends 30 cookie
> >>> (cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod;
> >>> domain=null; path=/)
> >> Are they all identical?
> >
> > No. They are ALL different (and they also differ from response to
> response)
> >
> >>> and 900 Set-Cookie
>
André Warnier wrote:
> Markus Reis wrote:
Our Tomcat 5.5 sends 30 cookie
(cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod;
domain=null; path=/)
>>> Are they all identical?
>>
>> No. They are ALL different (and they also differ from response to
>> response)
>>
and 900 S
Markus Reis wrote:
Our Tomcat 5.5 sends 30 cookie
(cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod;
domain=null; path=/)
Are they all identical?
No. They are ALL different (and they also differ from response to response)
and 900 Set-Cookie
(header=Set-Cookie=JSESSIONID=2D79FB71207A
> > Our Tomcat 5.5 sends 30 cookie
> > (cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod;
> > domain=null; path=/)
>
> Are they all identical?
No. They are ALL different (and they also differ from response to response)
>
> > and 900 Set-Cookie
> > (header=Set-Cookie=JSESSIONID=2D79FB71
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Markus,
Markus Reis wrote:
> Our Tomcat 5.5 sends 30 cookie
> (cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod;
> domain=null; path=/)
Are they all identical?
> and 900 Set-Cookie
> (header=Set-Cookie=JSESSIONID=2D79FB71207A83A09B32677B964
Our Tomcat 5.5 sends 30 cookie
(cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod; domain=null;
path=/) and 900 Set-Cookie
(header=Set-Cookie=JSESSIONID=2D79FB71207A83A09B32677B9640693E.jbprod; Path=/;
Secure) headers in the http response header back to the external clients
(during the
19 matches
Mail list logo
