You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-dev@axis.apache.org by "Srimanth G (JIRA)" <ax...@ws.apache.org> on 2009/01/09 20:18:00 UTC

[jira] Created: (AXIS-2768) Axis 1.4 cannot handle cookies with common prefixes

Axis 1.4 cannot handle cookies with common prefixes
---------------------------------------------------

                 Key: AXIS-2768
                 URL: https://issues.apache.org/jira/browse/AXIS-2768
             Project: Axis
          Issue Type: Bug
          Components: Basic Architecture
    Affects Versions: 1.4
            Reporter: Srimanth G


The server is sending back headers like this:
-------------------------------------------------
HTTP/1.1 200 OK
Date: Fri, 09 Jan 2009 18:05:23 GMT
Server: IBM_HTTP_Server
Set-Cookie: LtpaToken2=AlaASQB98N6b..................
Set-Cookie: LtpaToken=S8+30Ie7dr+B+meD0h.................
Set-Cookie: JSESSIONID=0000Smpoi-vcwLrC8zOfHhio2Nt:1363qhvb2; Path=/; Domain=.xxx.yyy
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
Connection: close
Content-Type: text/xml; charset=utf-8
Content-Language: en-US

<soap.........
-------------------------------------------------------

Note that there are 3 cookies - 'LtpaToken2', 'LtpaToken' and 'JSESSIONID'.

The way cookies are found in HTTPSender.handleCookie(String, String, String, MessageContext) is that String.indexOf(String) is used, and 'LtpaToken2' and 'LtpaToken' appear to be the same cookie.

  if (key != null && oldCookie.indexOf(key) == 0) { // same cookie key

Because of this one of the cookies is not sent and bad things happen after that.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.