You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2013/10/21 16:21:12 UTC
[Bug 55683] New: mod_jk doesn't properly parse version 1 cookies,
breaking sticky sessions
https://issues.apache.org/bugzilla/show_bug.cgi?id=55683
Bug ID: 55683
Summary: mod_jk doesn't properly parse version 1 cookies,
breaking sticky sessions
Product: Tomcat Connectors
Version: 1.2.37
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Common
Assignee: dev@tomcat.apache.org
Reporter: aogburn@redhat.com
mod_jk can't properly parse version 1 cookies, which can break sticky sessions
if a session cookie has a quoted version 1 cookie value.
Reproducing with mod_jk trace logging shows how it parses the session cookie
and jvmroute. I tested with my jvmRoute set to `testing:123`, which produces a
quoted version 1 cookie value:
[Tue Oct 15 15:20:12 2013][9846:140521757296384] [debug]
init_ws_service::mod_jk.c (1097): Service protocol=HTTP/1.1 method=GET
ssl=false host=(null) addr=127.0.0.1 name=localhost port=80 auth=(null)
user=(null) laddr=127.0.0.1 raddr=127.0.0.1 uri=/helloworld2/hi.jsp
[Tue Oct 15 15:20:12 2013][9846:140521757296384] [debug]
service::jk_lb_worker.c (1201): service sticky_session=1
id='"QO1g5upa1l+mpzaJpor0Ko41.testing:123"'
[Tue Oct 15 15:20:12 2013][9846:140521757296384] [debug]
get_most_suitable_worker::jk_lb_worker.c (1012): searching worker for partial
sessionid "QO1g5upa1l+mpzaJpor0Ko41.testing:123"
[Tue Oct 15 15:20:12 2013][9846:140521757296384] [debug]
get_most_suitable_worker::jk_lb_worker.c (1020): searching worker for session
route testing:123"
So it does not parse the quotes out of the session cookie value, thus looking
for route testing:123" instead of testing:123.
That can be worked around by manually setting the route to include that
trailing ":
worker.node01.reference=worker.template
worker.node01.port=8009
worker.node01.host=127.0.0.1
worker.node01.type=ajp13
worker.node01.route=testing:123"
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55683] mod_jk doesn't properly parse version 1 cookies,
breaking sticky sessions
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55683
Rainer Jung <ra...@kippdata.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #1 from Rainer Jung <ra...@kippdata.de> ---
This should be fixed in r1583415.
Will be part of version 1.2.40.
Would be nice if you could give the change a try.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org