I would like to report 2 problems noticed in the behavior and n the source
code for tomcat3.2.1
These problems concern the session management.
-1-
When cookies are used, the domain is not set in the cookie :
SessionInterceptor class :
public int beforeBody( Request rrequest, Response response ) {
...
Cookie cookie = new Cookie("JSESSIONID",
reqSessionId);
cookie.setMaxAge(-1);
cookie.setPath(sessionPath);
cookie.setVersion(1);
response.addHeader( CookieTools.getCookieHeaderName(cookie),
CookieTools.getCookieHeaderValue(cookie));
cookie.setVersion(0);
response.addHeader( CookieTools.getCookieHeaderName(cookie),
CookieTools.getCookieHeaderValue(cookie));
return 0;
}
And in addition there is no way to configure the doamin from configuration
files that is
an important feature !
-2-
When using URL rewriting, it doesn't work :
String sig=";jsessionid=";
int foundAt=-1;
if( debug>0 ) cm.log(" XXX RURI=" + request.getRequestURI());
if ((foundAt=request.getRequestURI().indexOf(sig))!=-1){
sessionId=request.getRequestURI().substring(foundAt+sig.length());
// rewrite URL, do I need to do anything more?
request.setRequestURI(request.getRequestURI().substring(0,
foundAt));
sessionId=validateSessionId(request, sessionId);
if (sessionId!=null){
request.setRequestedSessionIdFromURL(true);
}
}
return 0;
As the request.getRequestURI() doesn't return the query String
use instead
if ((foundAt=request.getQueryString()).indexOf(sig))!=-1){ ??
I hope this may help..
regards
filou
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
