[undertow-dev] jsession cookie path set to /

Stuart Douglas sdouglas at redhat.com
Fri Nov 15 03:31:40 EST 2013


Ah, this appears to be an ordering issue, this is being read in the ServletContext constructor, which is constructed before the extensions are run. I will fix. For now you can use something like:

public class SessionCookieConfigListener implements ServletContextListener {
    @Override
    public void contextInitialized(final ServletContextEvent sce) {
        sce.getServletContext().getSessionCookieConfig().setPath("/servletContext");
    }

    @Override
    public void contextDestroyed(final ServletContextEvent sce) {

    }
}

This should be all fixed today, and will hopefully make it into Wildfly very soon.

Stuart

----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: "Stuart Douglas" <sdouglas at redhat.com>
> Cc: "Nick Scavelli" <nscavell at redhat.com>, undertow-dev at lists.jboss.org
> Sent: Friday, 15 November, 2013 1:11:32 AM
> Subject: Re: [undertow-dev] jsession cookie path set to /
> 
> Undertow ignores the following code when invoking within a ServletExtension:
> 
>          ServletSessionConfig cookieConfig = new ServletSessionConfig();
>          cookieConfig.setPath(deploymentInfo.getContextPath());
>          deploymentInfo.setServletSessionConfig(cookieConfig);
> 
> At least Beta20 does (the one in wildfly master).  Haven't tested
> against master.
> 
> On 11/14/2013 5:26 PM, Stuart Douglas wrote:
> > It should, when I said a one liner I mean't it was a one liner to fix the
> > bug...
> >
> > Stuart
> >
> > ----- Original Message -----
> >> From: "Bill Burke" <bburke at redhat.com>
> >> To: "Stuart Douglas" <sdouglas at redhat.com>, "Nick Scavelli"
> >> <nscavell at redhat.com>
> >> Cc: undertow-dev at lists.jboss.org
> >> Sent: Thursday, 14 November, 2013 11:25:29 PM
> >> Subject: Re: [undertow-dev] jsession cookie path set to /
> >>
> >> Shouldn't it default to the context path?  That is the default for JBoss
> >> Web/AS7/EAP6
> >>
> >>
> >> On 11/14/2013 4:50 PM, Stuart Douglas wrote:
> >>> The option already exists, via jboss-web.xml for a deployment, or for all
> >>> deployments in wildfly. This is just a one liner in wildfly to make it
> >>> default to the context path.
> >>>
> >>> Stuart
> >>>
> >>> ----- Original Message -----
> >>>> From: "Nick Scavelli" <nscavell at redhat.com>
> >>>> To: "Stuart Douglas" <sdouglas at redhat.com>, "Bill Burke"
> >>>> <bburke at redhat.com>
> >>>> Cc: undertow-dev at lists.jboss.org
> >>>> Sent: Thursday, 14 November, 2013 9:22:59 PM
> >>>> Subject: Re: [undertow-dev] jsession cookie path set to /
> >>>>
> >>>> There should be an option to set it to something. I believe this is the
> >>>> sessionCookiePath setting in tomcat. I know we set it to "/" for portal.
> >>>>
> >>>> On 11/14/2013 11:52 AM, Stuart Douglas wrote:
> >>>>> This does sound like a bug.
> >>>>>
> >>>>> Stuart
> >>>>>
> >>>>> ----- Original Message -----
> >>>>>> From: "Bill Burke" <bburke at redhat.com>
> >>>>>> To: undertow-dev at lists.jboss.org
> >>>>>> Sent: Thursday, 14 November, 2013 3:58:00 PM
> >>>>>> Subject: [undertow-dev] jsession cookie path set to /
> >>>>>>
> >>>>>> the JSESSION cookie path seems to be set to '/'.  This will bleed
> >>>>>> sessionids between deployed WARs.  I think it bleeds cached sessions
> >>>>>> too?
> >>>>>>
> >>>>>> I'll log a bug unless it is by design.
> >>>>>>
> >>>>>> --
> >>>>>> Bill Burke
> >>>>>> JBoss, a division of Red Hat
> >>>>>> http://bill.burkecentral.com
> >>>>>> _______________________________________________
> >>>>>> undertow-dev mailing list
> >>>>>> undertow-dev at lists.jboss.org
> >>>>>> https://lists.jboss.org/mailman/listinfo/undertow-dev
> >>>>>>
> >>>>> _______________________________________________
> >>>>> undertow-dev mailing list
> >>>>> undertow-dev at lists.jboss.org
> >>>>> https://lists.jboss.org/mailman/listinfo/undertow-dev
> >>>>
> >>>>
> >>
> >> --
> >> Bill Burke
> >> JBoss, a division of Red Hat
> >> http://bill.burkecentral.com
> >>
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> 


More information about the undertow-dev mailing list