You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by pixel <pi...@pixelfreak.net> on 2001/10/19 21:17:22 UTC
Setting Cookies in Filters
I'm attempting to add a cookie to a user agent in a servlet filter.
When a request comes in, i check the request and see if the cookie
already exists. If it is not found, I generate a new cookie with a
unique value and add it to the response object.
What i'm finding is that the cookie's visibility seems to change
depending on the request.
What is the default behavior of creating a cookie without a path? Does
the cookies path default to the request URI when added? I've started
explicitly set the path of this cookie to "/" which seems to have fixed
this behavior, but I'm trying to clarify that this was the root of my
problem.
Thanks,
~Scott
Re: Pls fix SSLAuthenticator.java
Posted by "Craig R. McClanahan" <cr...@apache.org>.
It's more likely that things like this will be dealt with if you submit
them as bug reports in the bug tracking system:
http://nagoya.apache.org/bugzilla/
Craig
On Mon, 22 Oct 2001, Kar YEOW wrote:
> Date: Mon, 22 Oct 2001 15:50:25 +1000
> From: Kar YEOW <ka...@apir.com.au>
> Reply-To: tomcat-user@jakarta.apache.org, Kar YEOW <ka...@apir.com.au>
> To: tomcat-user@jakarta.apache.org
> Subject: Pls fix SSLAuthenticator.java
>
> During testing of logout from SingleSignOn, I discovered that the logout
> failed because when using CLIENT-CERT SSLAuthenticator.java authenticate
> method never associate the session with SingleSignOn. I wonder those who
> have access to Source could pls fix SSLAuthenticator.java. TIA.
> Kar
>
> PS Here are the bit of codes in FormAuthenticator.java I think should also
> be in SSLAuthenticator.java
>
> // Have we already authenticated someone?
> Principal principal = hreq.getUserPrincipal();
> if (principal != null) {
> if (debug >= 1)
> log("Already authenticated '" +
> principal.getName() + "'");
> String ssoId = (String)
> request.getNote(Constants.REQ_SSOID_NOTE);
> if (ssoId != null)
> associate(ssoId, getSession(request, true));
> return (true);
> }
>
>
>
>
>
Pls fix SSLAuthenticator.java
Posted by Kar YEOW <ka...@apir.com.au>.
During testing of logout from SingleSignOn, I discovered that the logout
failed because when using CLIENT-CERT SSLAuthenticator.java authenticate
method never associate the session with SingleSignOn. I wonder those who
have access to Source could pls fix SSLAuthenticator.java. TIA.
Kar
PS Here are the bit of codes in FormAuthenticator.java I think should also
be in SSLAuthenticator.java
// Have we already authenticated someone?
Principal principal = hreq.getUserPrincipal();
if (principal != null) {
if (debug >= 1)
log("Already authenticated '" +
principal.getName() + "'");
String ssoId = (String)
request.getNote(Constants.REQ_SSOID_NOTE);
if (ssoId != null)
associate(ssoId, getSession(request, true));
return (true);
}