You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@wicket.apache.org by "Jan Krakora (JIRA)" <ji...@apache.org> on 2018/07/24 14:27:00 UTC

[jira] [Created] (WICKET-6571) BaseWebSocketBehavior should check sessionId cookie name dynamically

Jan Krakora created WICKET-6571:
-----------------------------------

             Summary: BaseWebSocketBehavior should check sessionId cookie name dynamically
                 Key: WICKET-6571
                 URL: https://issues.apache.org/jira/browse/WICKET-6571
             Project: Wicket
          Issue Type: Bug
          Components: wicket-native-websocket
    Affects Versions: 8.0.0
            Reporter: Jan Krakora
            Assignee: Martin Grigorov


When creating a WebSocket connection, Wicket tries to check if session id is tracked by URL or by cookies.

The code is in the org.apache.wicket.protocol.ws.api.BaseWebSocketBehavior#getSessionId(Component component)

It uses a hardcoded sessionId cookie name ({color:#333333}JSESSIONID{color}). So when an application uses a different sessionId cookie name, this code wrongly assumes there is no cookie with session id and appends session Id in the websocket connection URL.

I think it should use to get session id cookie name
{code:java}
servletContext.getSessionCookieConfig().getName(){code}
 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)