You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/05/08 23:12:19 UTC
DO NOT REPLY [Bug 8100] -
Session Tracking and HttpURLConnection
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8100>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8100
Session Tracking and HttpURLConnection
------- Additional Comments From adb@cisco.com 2003-05-08 21:12 -------
I'm seeing a similar problem with Tomcat 4.0.12. I have a simple JSP page
which contains the following code:
<jsp:useBean
id="evpSessionBean"
class="evp.jsp.EvpSessionBean"
scope="session"/>
<jsp:setProperty name="evpSessionBean" property="*"/>
User ID is: <jsp:getProperty name="evpSessionBean" property="id"/>.
User PIN is: <jsp:getProperty name="evpSessionBean" property="pin"/>.
This page has a "id" and "pin" parameter passed to it in the GET request, and
the results are as you'd expect. On a subsequently accessed page, located in
the same context, I have a segment of code identical to the above, but of
course without the "setProperty" line. This works just fine too, and produces
the "id" and "pin" values which had been provided in the previously accessed
page's GET request.
The problem is not manifest until a *third* page is accessed. That is, if I as
user then access a third page containing the same block of code above (again,
sans setProperty), I will get *nothing* for the property values. The original
evpSessionBean gets lost and a new one is created.
In an attempt to work around this, I replaced this code with scriptlets that
explicitly add and retrieve these values to and from the HttpSession as
attributes. The same problem occurrs:
1) First page accessed creates a new session, attaches the ID and PIN to it,
and it's happy.
2) Second page accessed get's a handle to the session, reads the ID and PIN,
it's happy too.
3) Third page accessed has no idea what's going on. The browser dutifully
passes it the JSESSIONID of the HttpSession used by the first two pages (I've
confirmed this), but the server decided to create a new session anyway. If I
call HttpServletRequest.getSession(false) it returns null.
Hope this is enough detail for you, if not let me know (adb@cisc.com).
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org