Mantis - Resin
Viewing Issue Advanced Details
4775 minor always 09-22-11 10:42 11-10-11 12:31
rickHigh  
alex  
normal  
closed  
fixed  
none    
none 4.0.24  
0004775: Wrong session id in JSP template

On action entry: request.getSession() -> SessionImpl[aaaHwRSerRnffaE41Jqkt,]
Just before action exit: > request.getSession() -> SessionImpl[aaaHwRSerRnffaE41Jqkt,]
From JSP template: > r equest.getSession() -> SessionImpl[aaaqgA1FT9DTo6YE2Jqkt,]

Session id is different.

Yet in the same template when using URL rewrite they get:

> <a href="/do/addresses/mfilters;jsessionid=aaaHwRSerRnffaE41Jqkt" accesskey="2">

aaaHwRSerRnffaE41Jqkt= aaaHwRSerRnffaE41Jqkt


Somehow the JSP template has the wrong session, yet URL rewrite is still working.
 Resin 4.0.19 Pro_ url-rewriting & JSP code see different sessions?!.eml [^] (20,261 bytes) 10-20-11 21:24

Notes
(0005528)
jkeays   
09-30-11 19:01   
Any chance someone will get assigned this soon?

It is having a significant impact for us.
(0005570)
ferg   
10-20-11 14:54   
Do you have a simple flow for this, including any filtering?

I'm having trouble reproducing this with filters and JSPs.
(0005573)
jkeays   
10-20-11 21:21   
This occurs in the context of a Struts application, if that helps at all.

log statements just before return of Action -> RIGHT session
session available to templates -> WRONG session (new, empty)
but, url-rewriting performed by resin -> RIGHT session

Also, this is not reproducible unless

  <enable-cookies>false</enable-cookies>

is in session-config. We are forced to use this setting for browser compatibility. (think ancient cellphones)
(0005574)
jkeays   
10-20-11 21:25   
uploaded original email, in case it wasn't available, as it contains more detail than the summary.
(0005602)
alex   
10-31-11 15:24   
I couldn't reproduce this. Can you set logging level to finer and try your test please. Please forward us the logs via email.
(0005608)
alex   
11-10-11 12:31   
server/01re, server/01rf