You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/10/30 16:40:15 UTC
DO NOT REPLY [Bug 24254] New: -
getRequestedSessionId contradicts servlet spec
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24254>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24254
getRequestedSessionId contradicts servlet spec
Summary: getRequestedSessionId contradicts servlet spec
Product: Tomcat 4
Version: 4.1.27
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: Major
Priority: Other
Component: Servlet & JSP API
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: cbraun@novell.com
When calling getRequestedSessionId I expect null to be returned when a client
does not specify a jsessionid via cookie or URL. This is not the result with
Tomcat 4.1.27. The first visit to a site when no jsessionid is provided
should cause this method to return null per the javadoc.
The 2.3 javadoc is quite ambiguous but servlet 2.4 clarifies the expectation:
"Returns the session ID specified by the client. This may not be the same as
the ID of the current valid session for this request. If the client did not
specify a session ID, this method returns null."
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org