You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Stuart Roebuck <st...@adolos.co.uk> on 2001/12/07 14:33:07 UTC
[4.0.1+][PATCH] http10/HttpProcessor.java - lost cookies bug
I've been loosing cookies running Cocoon under Tomcat 4 and have tracked
the problem down to the HTTP 1.0 Processor class.
The current code throws away any cookies after the first session id is
found.
Here's a patch which aught to work:
> Index:
> catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.java
> ===================================================================
> RCS file: /home/cvspublic/jakarta-
> tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java,v
> retrieving revision 1.5
> diff -u -r1.5 HttpProcessor.java
> --- catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java 2001/11/09 19:38:44 1.5
> +++ catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java 2001/12/07 13:03:26
> @@ -464,16 +464,16 @@
> for (int i = 0; i < cookies.length; i++) {
> if (cookies[i].getName().equals
> (Globals.SESSION_COOKIE_NAME)) {
> -
> - // Override anything requested in the URL
> -
> request.setRequestedSessionId(cookies[i].getValue());
> - request.setRequestedSessionCookie(true);
> - request.setRequestedSessionURL(false);
> - if (debug >= 1)
> - log(" Requested cookie session id is " +
> - ((HttpServletRequest)
> request.getRequest()).getRequestedSessionId());
> - break; // Accept only the first session id value
> -
> + // If there is more than one session id cookie,
> only use the first one.
> + if (!request.isRequestedSessionIdFromCookie()
> ) {
> + // Override anything requested in the URL
> +
> request.setRequestedSessionId(cookies[i].getValue());
> + request.setRequestedSessionCookie(true);
> + request.setRequestedSessionURL(false);
> + if (debug >= 1)
> + log(" Requested cookie session id is " +
> + ((HttpServletRequest) request.getRequest(
> )).getRequestedSessionId());
> + }
> }
> request.addCookie(cookies[i]);
> }
Re: [4.0.1+][PATCH] http10/HttpProcessor.java - lost cookies bug
Posted by Stuart Roebuck <st...@adolos.co.uk>.
Apologies for a small bug in my last patch, I looked at the number of
extra libraries you have to install in the installation read me and
thought, "ahhhhhhhhh!". Consequently I hadn't tried the code and missed
off a cast.
Here's the new patch, I ended up compiling it on it's own, unpacking the
existing JAR and substituting in the new class, and it seems to work.
Stuart.
> Index:
> catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.java
> ===================================================================
> RCS file: /home/cvspublic/jakarta-
> tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java,v
> retrieving revision 1.5
> diff -u -r1.5 HttpProcessor.java
> --- catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java 2001/11/09 19:38:44 1.5
> +++ catalina/src/share/org/apache/catalina/connector/http10/HttpProcessor.
> java 2001/12/07 14:59:53
> @@ -464,16 +464,16 @@
> for (int i = 0; i < cookies.length; i++) {
> if (cookies[i].getName().equals
> (Globals.SESSION_COOKIE_NAME)) {
> -
> - // Override anything requested in the URL
> -
> request.setRequestedSessionId(cookies[i].getValue());
> - request.setRequestedSessionCookie(true);
> - request.setRequestedSessionURL(false);
> - if (debug >= 1)
> - log(" Requested cookie session id is " +
> - ((HttpServletRequest)
> request.getRequest()).getRequestedSessionId());
> - break; // Accept only the first session id value
> -
> + // If there is more than one session id cookie,
> only use the first one.
> + if (!( (HttpRequestImpl)
> request).isRequestedSessionIdFromCookie()) {
> + // Override anything requested in the URL
> +
> request.setRequestedSessionId(cookies[i].getValue());
> + request.setRequestedSessionCookie(true);
> + request.setRequestedSessionURL(false);
> + if (debug >= 1)
> + log(" Requested cookie session id is " +
> + ((HttpServletRequest) request.getRequest(
> )).getRequestedSessionId());
> + }
> }
> request.addCookie(cookies[i]);
> }