4 Replies Latest reply on Apr 18, 2002 5:17 AM by Jules Gosnell

    http session using id problem jboss3.0.0beta

    jamie Newbie

      We have recently changed to jboss-3.0.0beta from JBoss-2.4.4_Jetty-3.1.3-1.

      The http session, with cookies disabled, and urls encoded does not seem to be kept any more. The urls are encoded fine with the jsessionid, however the session is always lost between pages. Can anyone help?

      Also, is there a newer version of the jetty-plugin.sar available now compared to the one in jboss-3.0.0beta?

        • 1. Re: http session using id problem jboss3.0.0beta
          Jules Gosnell Novice

          If you are not using it try this:


          re the session id problem - what browser are you using ?


          • 2. Re: http session using id problem jboss3.0.0beta
            jamie Newbie

            Yes I am using the jboss-3.0.0RC1.

            But I found the problem. The urls are of the form http://host/;jsessionId=blahblah?x=1

            - they are all going to the index.jsp.

            however when the url is

            the session works - so there is a small problem with session ids in urls not working when requesting an index file - as in the first url above. But thats ok for my problem.

            • 3. Jetty Fix (Need to be checked)
              andre gerard Newbie

              I investigated the url jsessionid problem further. Now I can explain it and I have got a fix.

              This is the handlers being called when using a jsessionid url like in http://localhost:8080/;jsessionid=1019065300368

              1 HttpServer.service handling i=0
              2 HttpContext.handle pathParams=jsessionid=1019065300368 url=/
              3 JBossWebApplicationContext$JBossSXSecurityHandler
              4 SecurityHandler
              5 WebApplicationContext$WebInfProtect
              6 FilterHandler completed
              7 ServletHandler
              8 ResourceHandler pathParams=null !!! url=/index.jsp
              9 JBossWebApplicationContext$JBossSXSecurityHandler
              10 SecurityHandler
              11 WebApplicationContext$WebInfProtect
              11 ServletHandler

              At step 7 nothing happens because getHolderEntry( pathInContext ) returns null which means / is not one of the context path( is it correct? ).

              At step 8 the ressourceHandler replaces / by index.jsp but set pathParam to null ( Therefore definitely losing the session id ) and restart the whole process.
              These are the ResourceHandler methods involved ( in ResourceHandler.java ).
              public void handle(String pathInContext,String pathParams,HttpRequest request,HttpResponse response)
              which calls ( note that pathParams is missing )
              public void handleGet(HttpRequest request,HttpResponse response,String pathInContext,Resource resource,boolean endsWithSlash)
              which calls( path param is now null )
              getHttpContext().handle(0,ipath , null , request , response);

              Now the fix:
              still in ResourceHandler.java

              - Add the pathParam parameter to handleGet and modify the handle call
              public void handleGet(HttpRequest request,HttpResponse response,String pathInContext , String pathParam ,Resource resource,boolean endsWithSlash)
              getHttpContext().handle(0,ipath , pathparam, request , response);

              - Modify the method call in handle:
              handleGet(request, response, pathInContext , pathParams , resource, endsWithSlash);

              I was also wondering if it would be better to always call ResourceHandler before ServletHandler therefore reducing the number of handler calls.

              Any feedback welcome :)

              • 4. Re: Jetty Fix (Need to be checked)
                Jules Gosnell Novice

                I've forwarded this to jetty-discuss@yahoogroups.com.

                You should follow this list if you want to track it's progress.

                Thanks for spending time on this.