[jboss-user] [Tomcat, HTTPD, Servlets & JSP] - Re: Changing the name of the JSessionID cookie?
bvogt
do-not-reply at jboss.com
Mon Feb 5 14:57:45 EST 2007
Is it reasonable to think about modifying the tomcat and jbossAS sources?
the current tomcat version 5.5.20 shows:
| Searching for: jsessionid
| connectors\coyote\src\java\org\apache\coyote\tomcat4\CoyoteResponse.java(1241): if( file.indexOf(";jsessionid=" + session.getId()) >= 0 )
| connectors\coyote\src\java\org\apache\coyote\tomcat4\CoyoteResponse.java(1313): if( sb.length() > 0 ) { // jsessionid can't be first.
| connectors\coyote\src\java\org\apache\coyote\tomcat4\CoyoteResponse.java(1314): sb.append(";jsessionid=");
| connectors\jk\native\common\jk_global.h(176): #define JK_SESSION_IDENTIFIER "JSESSIONID"
| connectors\jk\native\common\jk_global.h(177): #define JK_PATH_SESSION_IDENTIFIER ";jsessionid"
| connectors\jk\xdocs\changelog.xml(521): jsessionid was removed. (mturk)
| connectors\jk\xdocs\changelog.xml(582): Check all JSESSIONID cookies for a valid jvmRoute. If you have multiple Tomcats
| container\catalina\src\share\org\apache\catalina\Globals.java(271): public static final String SESSION_COOKIE_NAME = "JSESSIONID";
| container\catalina\src\share\org\apache\catalina\Globals.java(278): public static final String SESSION_PARAMETER_NAME = "jsessionid";
| container\catalina\src\share\org\apache\catalina\authenticator\Constants.java(42): public static final String SINGLE_SIGN_ON_COOKIE = "JSESSIONIDSSO";
| container\catalina\src\share\org\apache\catalina\connector\CoyoteAdapter.java(315): redirectPath = redirectPath + ";jsessionid="
| container\catalina\src\share\org\apache\catalina\connector\Request.java(2247): * Configures the given JSESSIONID cookie.
| container\catalina\src\share\org\apache\catalina\connector\Request.java(2249): * @param cookie The JSESSIONID cookie to be configured
| container\catalina\src\share\org\apache\catalina\connector\Response.java(1418): if( file.indexOf(";jsessionid=" + session.getIdInternal()) >= 0 )
| container\catalina\src\share\org\apache\catalina\connector\Response.java(1551): if( sb.length() > 0 ) { // jsessionid can't be first.
| container\catalina\src\share\org\apache\catalina\connector\Response.java(1552): sb.append(";jsessionid=");
| container\catalina\src\share\org\apache\catalina\core\ApplicationHttpRequest.java(551): * Returns true if the request specifies a JSESSIONID that is valid within
| container\catalina\src\share\org\apache\catalina\core\ApplicationHttpRequest.java(554): * @return true if the request specifies a JSESSIONID that is valid within
| container\catalina\src\share\org\apache\catalina\realm\RealmBase.java(946): file.append(";jsessionid=");
| container\modules\cluster\src\share\org\apache\catalina\cluster\session\JvmRouteBinderValve.java(48): * bad with apache at my windows.). We rewrite now the jsessionid
| container\modules\cluster\src\share\org\apache\catalina\cluster\session\JvmRouteBinderValve.java(53): * As jsessionid was created by cookie, the change JSESSIONID cookie resend with next response.
| container\modules\cluster\src\share\org\apache\catalina\cluster\session\mbeans-descriptors.xml(6): <mbean name="JvmRouteBinderValve" description="mod_jk jvmRoute jsessionid cookie backup correction" domain="Catalina"
| container\modules\ha\src\share\org\apache\catalina\ha\session\JvmRouteBinderValve.java(48): * bad with apache at my windows.). We rewrite now the cookie jsessionid
| container\modules\ha\src\share\org\apache\catalina\ha\session\mbeans-descriptors.xml(6): <mbean name="JvmRouteBinderValve" description="mod_jk jvmRoute jsessionid cookie backup correction" domain="Catalina"
| container\tester\src\tester\org\apache\tester\TestClient.java(408): "JSESSIONID=" + sessionId);
| container\tester\src\tester\org\apache\tester\TestClient.java(410): log("INPH: Cookie: JSESSIONID=" +
| container\tester\src\tester\org\apache\tester\TestClient.java(600): pw.println("Cookie: JSESSIONID=" + sessionId);
| container\tester\src\tester\org\apache\tester\TestClient.java(602): log("INPH: Cookie: JSESSIONID=" +
| container\tester\src\tester\org\apache\tester\TestClient.java(799): int equals = value.indexOf("JSESSIONID=");
| container\tester\src\tester\org\apache\tester\TestClient.java(802): value = value.substring(equals + "JSESSIONID=".length());
| container\webapps\docs\changelog.xml(972): <bug>34749</bug>: jsessionid dropped on trailing slash (/) redirect (remm)
| container\webapps\docs\cluster-howto.xml(379): <br/><b>Example</b> configure cluster with cluster failover jsessionid support. In this
| container\webapps\docs\cluster-howto.xml(976): now detect the takeover and rewrite the jsessionid
| container\webapps\docs\cluster-howto.xml(981): As jsessionid was created by cookie, the change JSESSIONID cookie resend with next response.
| jasper\src\share\org\apache\jasper\tagplugins\jstl\Util.java(143): * is encoded as a URL "path parameter" beginning with "jsessionid=".
| jasper\src\share\org\apache\jasper\tagplugins\jstl\Util.java(144): * We thus remove anything we find between ";jsessionid=" (inclusive)
| jasper\src\share\org\apache\jasper\tagplugins\jstl\Util.java(152): while ((sessionStart = u.toString().indexOf(";jsessionid=")) != -1) {
| Found 37 occurrence(s) in 18 file(s)
and jbossAS has:
| Searching for: jsessionid
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\console\src\main\org\jboss\console\navtree\AppletBrowser.java(87): sessionId = "jsessionid=" + sessionId;
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\BaseTest.java(229): // Get the state for the JSESSIONID
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\BaseTest.java(231): // Get the JSESSIONID so we can reset the host
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\BaseTest.java(237): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\BaseTest.java(244): log.info("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(80): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(83): log.debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(113): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(125): assertTrue("Saw JSESSIONID", sessionID != null);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\FormAuthFailoverTestCase.java(126): log.debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(84): // Get the state for the JSESSIONID
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(92): // Get the JSESSIONID so we can reset the host
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(98): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(101): log.info("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(160): // Get the state for the JSESSIONID
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(162): // Get the JSESSIONID so we can reset the host
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(168): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\test\WebSessionTestCase.java(171): log.info("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\web\jk\test\JvmRouteURLRewritingTestCase.java(53): url = url + ";jsessionid=" + sessionId;
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\web\jk\test\JvmRouteURLRewritingTestCase.java(77): hdr = method.getResponseHeader("X-TestJSessionID");
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\web\jk\test\JvmRouteURLRewritingTestCase.java(78): assertNotNull("Got the X-TestJSessionID header", hdr);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\cluster\web\jk\test\JvmRouteURLRewritingTestCase.java(93): String expectedURL = "accessSession.jsp;jsessionid=" + id;
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(131): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(134): log.debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(216): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(219): log.debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(248): if( k.getName().equalsIgnoreCase("JSESSIONIDSSO") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(257): assertTrue("Saw JSESSIONIDSSO", ssoID != null);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(258): log.debug("Saw JSESSIONIDSSO="+ssoID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(268): // Now try getting the war2 index using the JSESSIONIDSSO cookie
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\ClusteredSingleSignOnUnitTestCase.java(297): // Now try getting the war1 index using the JSESSIONIDSSO cookie
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(94): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(97): getLog().debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(136): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(139): getLog().debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(194): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(197): getLog().debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(266): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(269): getLog().debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(304): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\FormAuthUnitTestCase.java(307): getLog().debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(66): if( k.getName().equalsIgnoreCase("JSESSIONID") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(69): log.debug("Saw JSESSIONID="+sessionID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(99): if( k.getName().equalsIgnoreCase("JSESSIONIDSSO") )
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(111): assertTrue("Saw JSESSIONIDSSO", ssoID != null);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(112): log.debug("Saw JSESSIONIDSSO="+ssoID);
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\main\org\jboss\test\web\test\SSOBaseCase.java(122): // Now try getting the war2 index using the JSESSIONIDSSO cookie
| E:\Install\jBoss\ApplicationServer\jboss-4.0.4.GA-src\testsuite\src\resources\cluster\http\http-jk\accessSession.jsp(3): response.setHeader("X-TestJSessionID", session.getId());
| Found 48 occurrence(s) in 9 file(s)
Thanks in advance!
Burkhard
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4011537#4011537
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4011537
More information about the jboss-user
mailing list