-
1. Re: Changing the name of the JSessionID cookie?
j2ee_junkie Aug 4, 2006 7:40 AM (in response to alosix)Jason,
From what I can tell this can not be configured. I did find this that backs up my findings. http://mail-archives.apache.org/mod_mbox/tomcat-users/200407.mbox/%3C40E6DA8C.8040403@tngtech.com%3E
cgriffith -
2. Re: Changing the name of the JSessionID cookie?
alosix Aug 4, 2006 9:17 AM (in response to alosix)Ok, so I'm not going nuts.
Here's what I'm doing:
Apache front end to the site
JBoss portal (routed by apache)
Legacy app in Iframe portlet on another jboss server.
Just trying to make sure that the portal session doesn't stomp on the legacy apps session. It looks like jboss is tolerant of this (reusing the cookie if it exists) but I'm not sure yet.
Thanks,
Jaon -
3. Re: Changing the name of the JSessionID cookie?
brian.stansberry Aug 4, 2006 10:38 AM (in response to alosix)If your Connector element in server.xml has the emptySessionPath attribute set to true, a session cookie emitted to one webapp will be presented and accepted by another. By default, this attribute is true in JBoss.
See
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=74446 for a somewhat related discussion. -
4. Re: Changing the name of the JSessionID cookie?
bvogt Feb 5, 2007 2:57 PM (in response to alosix)Is it reasonable to think about modifying the tomcat and jbossAS sources?
the current tomcat version 5.5.20 shows:Searching for: jsessionid connectors\coyote\src\java\org\apache\coyote\tomcat4\CoyoteResponse.java(1241): if( file.indexOf(";jsessionid=" + session.getId()) >= 0 ) connectors\coyote\src\java\org\apache\coyote\tomcat4\CoyoteResponse.java(1313): if( sb.length() > 0 ) { // jsessionid can't be first. connectors\coyote\src\java\org\apache\coyote\tomcat4\CoyoteResponse.java(1314): sb.append(";jsessionid="); connectors\jk\native\common\jk_global.h(176): #define JK_SESSION_IDENTIFIER "JSESSIONID" connectors\jk\native\common\jk_global.h(177): #define JK_PATH_SESSION_IDENTIFIER ";jsessionid" connectors\jk\xdocs\changelog.xml(521): jsessionid was removed. (mturk) connectors\jk\xdocs\changelog.xml(582): Check all JSESSIONID cookies for a valid jvmRoute. If you have multiple Tomcats container\catalina\src\share\org\apache\catalina\Globals.java(271): public static final String SESSION_COOKIE_NAME = "JSESSIONID"; container\catalina\src\share\org\apache\catalina\Globals.java(278): public static final String SESSION_PARAMETER_NAME = "jsessionid"; container\catalina\src\share\org\apache\catalina\authenticator\Constants.java(42): public static final String SINGLE_SIGN_ON_COOKIE = "JSESSIONIDSSO"; container\catalina\src\share\org\apache\catalina\connector\CoyoteAdapter.java(315): redirectPath = redirectPath + ";jsessionid=" container\catalina\src\share\org\apache\catalina\connector\Request.java(2247): * Configures the given JSESSIONID cookie. container\catalina\src\share\org\apache\catalina\connector\Request.java(2249): * @param cookie The JSESSIONID cookie to be configured container\catalina\src\share\org\apache\catalina\connector\Response.java(1418): if( file.indexOf(";jsessionid=" + session.getIdInternal()) >= 0 ) container\catalina\src\share\org\apache\catalina\connector\Response.java(1551): if( sb.length() > 0 ) { // jsessionid can't be first. container\catalina\src\share\org\apache\catalina\connector\Response.java(1552): sb.append(";jsessionid="); container\catalina\src\share\org\apache\catalina\core\ApplicationHttpRequest.java(551): * Returns true if the request specifies a JSESSIONID that is valid within container\catalina\src\share\org\apache\catalina\core\ApplicationHttpRequest.java(554): * @return true if the request specifies a JSESSIONID that is valid within container\catalina\src\share\org\apache\catalina\realm\RealmBase.java(946): file.append(";jsessionid="); container\modules\cluster\src\share\org\apache\catalina\cluster\session\JvmRouteBinderValve.java(48): * bad with apache at my windows.). We rewrite now the jsessionid container\modules\cluster\src\share\org\apache\catalina\cluster\session\JvmRouteBinderValve.java(53): * As jsessionid was created by cookie, the change JSESSIONID cookie resend with next response. container\modules\cluster\src\share\org\apache\catalina\cluster\session\mbeans-descriptors.xml(6): <mbean name="JvmRouteBinderValve" description="mod_jk jvmRoute jsessionid cookie backup correction" domain="Catalina" container\modules\ha\src\share\org\apache\catalina\ha\session\JvmRouteBinderValve.java(48): * bad with apache at my windows.). We rewrite now the cookie jsessionid container\modules\ha\src\share\org\apache\catalina\ha\session\mbeans-descriptors.xml(6): <mbean name="JvmRouteBinderValve" description="mod_jk jvmRoute jsessionid cookie backup correction" domain="Catalina" container\tester\src\tester\org\apache\tester\TestClient.java(408): "JSESSIONID=" + sessionId); container\tester\src\tester\org\apache\tester\TestClient.java(410): log("INPH: Cookie: JSESSIONID=" + container\tester\src\tester\org\apache\tester\TestClient.java(600): pw.println("Cookie: JSESSIONID=" + sessionId); container\tester\src\tester\org\apache\tester\TestClient.java(602): log("INPH: Cookie: JSESSIONID=" + container\tester\src\tester\org\apache\tester\TestClient.java(799): int equals = value.indexOf("JSESSIONID="); container\tester\src\tester\org\apache\tester\TestClient.java(802): value = value.substring(equals + "JSESSIONID=".length()); container\webapps\docs\changelog.xml(972): <bug>34749</bug>: jsessionid dropped on trailing slash (/) redirect (remm) container\webapps\docs\cluster-howto.xml(379): <br/><b>Example</b> configure cluster with cluster failover jsessionid support. In this container\webapps\docs\cluster-howto.xml(976): now detect the takeover and rewrite the jsessionid container\webapps\docs\cluster-howto.xml(981): As jsessionid was created by cookie, the change JSESSIONID cookie resend with next response. jasper\src\share\org\apache\jasper\tagplugins\jstl\Util.java(143): * is encoded as a URL "path parameter" beginning with "jsessionid=". jasper\src\share\org\apache\jasper\tagplugins\jstl\Util.java(144): * We thus remove anything we find between ";jsessionid=" (inclusive) jasper\src\share\org\apache\jasper\tagplugins\jstl\Util.java(152): while ((sessionStart = u.toString().indexOf(";jsessionid=")) != -1) { Found 37 occurrence(s) in 18 file(s)
and jbossAS has:Searching for: jsessionid E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\console\src\main\org\jboss\console\navtree\AppletBrowser.java(87): sessionId = "jsessionid=" + sessionId; E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\BaseTest.java(229): // Get the state for the JSESSIONID E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\BaseTest.java(231): // Get the JSESSIONID so we can reset the host E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\BaseTest.java(237): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\BaseTest.java(244): log.info("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(80): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(83): log.debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(113): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(125): assertTrue("Saw JSESSIONID", sessionID != null); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(126): log.debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(84): // Get the state for the JSESSIONID E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(92): // Get the JSESSIONID so we can reset the host E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(98): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(101): log.info("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(160): // Get the state for the JSESSIONID E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(162): // Get the JSESSIONID so we can reset the host E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(168): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(171): log.info("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\web\jk\test\JvmRouteURLRewritingTestCase.java(53): url = url + ";jsessionid=" + sessionId; E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\web\jk\test\JvmRouteURLRewritingTestCase.java(77): hdr = method.getResponseHeader("X-TestJSessionID"); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\web\jk\test\JvmRouteURLRewritingTestCase.java(78): assertNotNull("Got the X-TestJSessionID header", hdr); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\web\jk\test\JvmRouteURLRewritingTestCase.java(93): String expectedURL = "accessSession.jsp;jsessionid=" + id; E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(131): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(134): log.debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(216): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(219): log.debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(248): if( k.getName().equalsIgnoreCase("JSESSIONIDSSO") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(257): assertTrue("Saw JSESSIONIDSSO", ssoID != null); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(258): log.debug("Saw JSESSIONIDSSO="+ssoID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(268): // Now try getting the war2 index using the JSESSIONIDSSO cookie E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(297): // Now try getting the war1 index using the JSESSIONIDSSO cookie E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(94): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(97): getLog().debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(136): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(139): getLog().debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(194): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(197): getLog().debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(266): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(269): getLog().debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(304): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(307): getLog().debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(66): if( k.getName().equalsIgnoreCase("JSESSIONID") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(69): log.debug("Saw JSESSIONID="+sessionID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(99): if( k.getName().equalsIgnoreCase("JSESSIONIDSSO") ) E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(111): assertTrue("Saw JSESSIONIDSSO", ssoID != null); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(112): log.debug("Saw JSESSIONIDSSO="+ssoID); E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(122): // Now try getting the war2 index using the JSESSIONIDSSO cookie E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\resources\cluster\http\http-jk\accessSession.jsp(3): response.setHeader("X-TestJSessionID", session.getId()); Found 48 occurrence(s) in 9 file(s)
Thanks in advance!
Burkhard