2 Replies Latest reply on May 11, 2011 12:17 PM by chriskulinski

    Incorrect persistent cookies in JBoss 6 and JBoss Web 3?

    chriskulinski

      We've recently upgraded from JBoss 4.2 to JBoss 6.0.0.Final.  One defect we've noticed is related to setting persistent cookies.  When we are setting cookies using the Servlet API, the cookies are now stored in a different format that will not always be stored as a persistent cookie in all browsers.  The problem is that there are now quotes around the cookievalue, and ‘Expires’ is replaced with ‘Max-Age’.

       

      This is the value we see from the response headers when using response.setCookie().

       

      MYCOOKIE="un=test@test.com&sh=4193de2ccaa36d9244c36df994b&mn=Test&remember=true";Version=1; Max-Age=15811200; Path=/

       

       

      If the cookie value has embedded ‘=’ or "@" characters, response.setCookie() doesn’t allow us to send content as a version 0 cookie. We can work around this by setting the cookie ourselves as a raw header.

       

      resp.addHeader("Set-Cookie",cookie2.getName()+"=\""+cookie2.getValue() +"\";" + "Expires=”+df.format(futureDate) + “; "+"Path=/");

       

      It looks like this might be related to this Tomcat defect: https://issues.apache.org/bugzilla/show_bug.cgi?id=46403

       

      If JBoss 6 is using JBoss Web 3.0, shouldn't it have this Tomcat 6 fix in it?  Are there some additional Tomcat fixes that need to be ported to JBoss Web?

       

      Thanks for the assistance,

      Chris