You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Tim Kagle (JIRA)" <ax...@ws.apache.org> on 2005/01/07 18:59:14 UTC

[jira] Commented: (AXIS-1080) Axis 1.1 doen't support multi-cookies

     [ http://issues.apache.org/jira/browse/AXIS-1080?page=comments#action_57391 ]
     
Tim Kagle commented on AXIS-1080:
---------------------------------

This is still a problem in Axis 1.2RC2.

It would be very good to have it fixed as receiving multiple cookies from the server is such a common case these days (proxies, load balancers in between, etc.)

> Axis 1.1 doen't support multi-cookies
> -------------------------------------
>
>          Key: AXIS-1080
>          URL: http://issues.apache.org/jira/browse/AXIS-1080
>      Project: Axis
>         Type: Bug
>   Components: Basic Architecture
>     Versions: 1.1
>  Environment: Operating System: All
> Platform: All
>     Reporter: Olivier PEPIN
>  Attachments: CookeFix.zip, CookieFix-Diff.zip, axis11-multi-cookies-modified-patch.tar, axis1_1-multi-cookies.patch
>
> Scenario : The Axis Webservice as a session scope deploy on weblogic
> The client uses setMaintainSession(true);
> A filter in front of the AxisServlet set a extra cookie (for load balancing)
> * First call 
>   * Client header : 
>     No cookie sent 
>   * Server header: 
>     Set-Cookie: JSESSIONID=AAAAAA
>     Set-Cookie: LBCOOKIE=BBBBBBB
> * Second call
>   * Client header : 
>      Cookie: JSESSIONID=AAAAAAA(only one cookie set)
>   * Server header: 
>     Set-Cookie: LBCOOKIE=CCCCCCC (new lb cookie)
> * Third call
>   * Client header : 
>      Cookie: LBCOOKIE=CCCCCCC (only one cookie set this time the other is lost)
>   * Server header: 
>     Set-Cookie: LBCOOKIE=DDDDDD( new session created)
> Problems:
> * Only one cookie is stored for each call 
> * If a cookie is already stored in the MessageContext, it is deleted by a new 
> cookie
> Results:
> * Statefull services is not working 
> * Load balancing is not working 
> Bug analysis : 
> The HTTPSender (and CommonsHTTPSender) classe stores headers as Hashmap. 
> * It does not support multiple Set-Cookie: headers 
> * It do not send back multiple cookies. 
> The same way for the MessageContext that stores the "cleaned" cookies as a 
> HashMap. 
> * Old cookie is deleted (JSESSIONID), if a new cookie is send (LBCOOKIE) on a 
> next call 
> PS: This bug has been fixed on SOAP 2.3.1 some time ago

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira