You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2013/10/21 16:21:12 UTC

[Bug 55683] New: mod_jk doesn't properly parse version 1 cookies, breaking sticky sessions

https://issues.apache.org/bugzilla/show_bug.cgi?id=55683

            Bug ID: 55683
           Summary: mod_jk doesn't properly parse version 1 cookies,
                    breaking sticky sessions
           Product: Tomcat Connectors
           Version: 1.2.37
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Common
          Assignee: dev@tomcat.apache.org
          Reporter: aogburn@redhat.com

mod_jk can't properly parse version 1 cookies, which can break sticky sessions
if a session cookie has a quoted version 1 cookie value.

Reproducing with mod_jk trace logging shows how it parses the session cookie
and jvmroute.  I tested with my jvmRoute set to `testing:123`, which produces a
quoted version 1 cookie value:

[Tue Oct 15 15:20:12 2013][9846:140521757296384] [debug]
init_ws_service::mod_jk.c (1097): Service protocol=HTTP/1.1 method=GET
ssl=false host=(null) addr=127.0.0.1 name=localhost port=80 auth=(null)
user=(null) laddr=127.0.0.1 raddr=127.0.0.1 uri=/helloworld2/hi.jsp
[Tue Oct 15 15:20:12 2013][9846:140521757296384] [debug]
service::jk_lb_worker.c (1201): service sticky_session=1
id='"QO1g5upa1l+mpzaJpor0Ko41.testing:123"'
[Tue Oct 15 15:20:12 2013][9846:140521757296384] [debug]
get_most_suitable_worker::jk_lb_worker.c (1012): searching worker for partial
sessionid "QO1g5upa1l+mpzaJpor0Ko41.testing:123"
[Tue Oct 15 15:20:12 2013][9846:140521757296384] [debug]
get_most_suitable_worker::jk_lb_worker.c (1020): searching worker for session
route testing:123"

So it does not parse the quotes out of the session cookie value, thus looking
for route testing:123" instead of testing:123.

That can be worked around by manually setting the route to include that
trailing ":

worker.node01.reference=worker.template
worker.node01.port=8009
worker.node01.host=127.0.0.1
worker.node01.type=ajp13
worker.node01.route=testing:123"

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 55683] mod_jk doesn't properly parse version 1 cookies, breaking sticky sessions

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=55683

Rainer Jung <ra...@kippdata.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #1 from Rainer Jung <ra...@kippdata.de> ---
This should be fixed in r1583415.
Will be part of version 1.2.40.
Would be nice if you could give the change a try.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org