You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-dev@axis.apache.org by Saradhi Vemuri <sa...@yahoo.com> on 2003/03/19 22:18:34 UTC

session management bug details

It seems that Axis is not properly processing the
Header Cookies, when multiple session cookies are
used.  This occurs when I try to deploy a webservice
with session scope and also activate the single
sign-on feature of Tomcat.  The server properly
returns
Set-Cookie:
JSESSIONIDSSO=3438BCDD290B3C2A2CB1312FBCDAF33B; Path=/
Set-Cookie:
JSESSIONID=AA9C3119509663AEA7F2AAF3F5589379;
Path=/axis

But Axis only returns one cookie (the last one
received) on subsequent calls:
Cookie: JSESSIONID=AA9C3119509663AEA7F2AAF3F5589379

Here are code snippets from
org.apache.axis.transport.http.HTTPSender:

        // don't forget the cookies!
        // mmm... cookies
        if (msgContext.getMaintainSession()) {
            String cookie =
msgContext.getStrProp(HTTPConstants.HEADER_COOKIE);
            String cookie2 =
msgContext.getStrProp(HTTPConstants.HEADER_COOKIE2);

            if (cookie != null) {
               
otherHeaders.append(HTTPConstants.HEADER_COOKIE).append(":
")
                       
.append(cookie).append("\r\n");
            }
            if (cookie2 != null) {
               
otherHeaders.append(HTTPConstants.HEADER_COOKIE2).append(":
")
                       
.append(cookie2).append("\r\n");
            }
        }

org.apache.axis.transport.http.HTTPConstants:

    public static final String HEADER_SET_COOKIE =
"Set-Cookie";
    public static final String HEADER_SET_COOKIE2 =
"Set-Cookie2";


Thank you,
Saradhi


__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com