You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2007/12/26 21:54:46 UTC
svn commit: r606944 -
/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Author: markt
Date: Wed Dec 26 12:54:44 2007
New Revision: 606944
URL: http://svn.apache.org/viewvc?rev=606944&view=rev
Log:
Fix for bug 43839. When cookie based session tracking has been disabled, URL based session tracking would fail due to the presence of a session cookie from a parent context. Based on a patch by Yuan Qingyun.
Modified:
tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=606944&r1=606943&r2=606944&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Wed Dec 26 12:54:44 2007
@@ -524,6 +524,13 @@
*/
protected void parseSessionCookiesId(org.apache.coyote.Request req, Request request) {
+ // If session tracking via cookies has been disabled for the current
+ // context, don't go looking for a session ID in a cookie as a cookie
+ // from a parent context with a session ID may be present which would
+ // overwrite the valid session ID encoded in the URL
+ if (!((Context)request.getMappingData().context).getCookies())
+ return;
+
// Parse session id from cookies
Cookies serverCookies = req.getCookies();
int count = serverCookies.getCookieCount();
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org