<div dir="ltr">Sorry, here is the change I made if additional or cookies already contains the name then just return...<div><br><div>io.undertow.util.Cookies:</div><div><br></div><div><div> private static int createCookie(final String name, final String value, int maxCookies, int cookieCount,</div>
<div> final Map<String, String> cookies, final Map<String, String> additional) {</div><div> if (name.charAt(0) == '$') {</div><div>//added</div><div> if(additional.containsKey(name)) {</div>
<div> return cookieCount;</div><div> }</div><div> additional.put(name, value);</div><div> return cookieCount;</div><div> } else {</div><div> if (cookieCount == maxCookies) {</div>
<div> throw UndertowMessages.MESSAGES.tooManyCookies(maxCookies);</div><div> }</div><div>//added</div><div> if(cookies.containsKey(name)) {</div><div> return cookieCount;</div>
<div> }</div><div> cookies.put(name, value);</div><div> return ++cookieCount;</div><div> }</div><div> }</div></div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Fri, Apr 25, 2014 at 2:43 PM, Derrick Childers <span dir="ltr"><<a href="mailto:derrick.childers@gmail.com" target="_blank">derrick.childers@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">I think I've found a bug in undertow and I have patch. I thought I'd explain. We have multiple War's serving a site. One war covers the root context '/' and a variety of sub paths/contexts. A couple of other war's server specific sub contexts, such as /selfserve. If you open a browser and go to / and look at the browser cookies you will see JSESSIONID with path=/. Then go to /selfserve and look at the cookies. You now have two JSESSIONID cookies. One for path=/ and one for path=/selfserve. As far as I know this is all normal and correct. From here when my app tries to use the session it fails in various ways. What I found was that if I deleted the JSESSIONID cookie that was associated with path=/ then everything worked. After digging around in the code I found where the cookies are being added to a HashMap by the name. It looks like the last cookie loaded wins, which means the correct cookie is loaded first then overridden by the wrong one.<div>
<br></div><div>I have a patch in git and can send a pull request.<span class="HOEnZb"><font color="#888888"><br clear="all"><div><br></div>-- <br><div dir="ltr">Derrick Childers</div>
</font></span></div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr">Derrick Childers</div>
</div>