CDV ❯ sessionIDs from URLs do not work

• Type: Bug
• Status: Closed
• Priority: 2 Major
• Resolution: Fixed
• Component/s: Sessions
• Labels:

• Assignee: hhuynh
• Reporter: teck
• Created: June 23, 2008
• Votes: 0
• Watchers: 1
• Updated:

  July 03, 2008
• Resolved:

  June 24, 2008

Description

web clients should be able to pass a “;jsessionid=xxxx” in the URLs path parameter section in place of sending a session cookie. This construct does not work properly with terracotta clustered sessions

This seems to affect all supported containers (tomcat, weblogic, etc).

We have a test (CookieRenameTest) that approaches this functionality, but it doesn’t test the standard case of using “;jessionid=xxx”. Rather it renames the session identitifer tag. Interestingly enough URL session IDs work fine as long as the tag isn’t “jsessionid”. It appears that the containers are stripping this before we have a chance to play with the request.

Another reference of the same issue: http://forums.terracotta.org/forums/posts/list/1151.page

Comments

Tim Eck 2008-06-23

SessionIDFromURL test trunk (currently disabled in the monkeys) demonstrates this issue

Fiona OShea 2008-06-24

What is the LOE and impact of fixing for 2.6

Tim Eck 2008-06-24

low effort (about to commit fix in trunk right now) and I think low impact/risk for pushing to 2.6

Tim Eck 2008-06-24

committed to trunk and 2.6