BugRat Mail System wrote:
>
> Bug report #380 has just been filed.
> [...]
> Environment:
> Release: 3.2 Beta 7
> JVM Release: 1.3
> Operating System: Linux/NT
> OS Release: 2.2.16/4
> Platform: any
>
> Synopsis:
> Sessions don't work without cookies
>
> Description:
> If Cookies are turned off in a browser the
> session-management by url-rewriting does not work.
> This bug was introduced by 3.2 beta6 and is still around
> in beta7
Adding this to StandardSessionInterceptor seems to fix the problem.
I would appreciate if someone who has worked with the session
tracking stuff before can review this patch before I commit it to
the tomcat_32 branch. I really don't want to introduce new bugs in
3.2 this close to the release, but I feel this bug must be fixed.
// First check if we have a valid session ID from the URL, set
// by the SessionInterceptor, and if so, set it as the request
// session. If we have also received a valid session ID
// as a cookie, the next section of code will reset the session
// to the one matching the ID found in the cookie.
String requestedSessionID = request.getRequestedSessionId();
if (requestedSessionID != null) {
System.out.println("Found a requested session ID: " +
requestedSessionID);
sess = sM.findSession(requestedSessionID);
if (sess != null)
System.out.println("Found a requested session ID");
request.setSession(sess);
}
// The current cookie checking code comes here
...
Hans
--
Hans Bergsten [EMAIL PROTECTED]
Gefion Software http://www.gefionsoftware.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
