[jboss-jira] [JBoss JIRA] Updated: (JBAS-5810) StringIndexOutOfBoundsException in JvmRouteValve when JSESSIONID is passed without jvmRoute
Takayoshi Kimura (JIRA)
jira-events at lists.jboss.org
Wed Jul 30 04:18:10 EDT 2008
[ https://jira.jboss.org/jira/browse/JBAS-5810?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Takayoshi Kimura updated JBAS-5810:
-----------------------------------
Workaround Description:
There are 3 workarounds:
1. Set Connector.emptySessionPath=false in jboss-web.deployer/server.xml. The emptySessionPath is required for JBoss Portal cross context session function, but if you are not using JBoss Portal, it's safe to turn off.
2. Set UseJK=false in jboss-web.deployer/META-INF/jboss-service.xml. It disables sticky session function completely.
3. Use custom valve like this:
public class FixSessionIdValve extends ValveBase {
public void invoke(Request request, Response response)
throws IOException, ServletException {
String requestedSessionId = request.getRequestedSessionId();
if (requestedSessionId != null &&
requestedSessionId.indexOf(".") < 0) {
request.setRequestedSessionId(null);
}
getNext().invoke(request, response);
}
}
Workaround: [Workaround Exists]
> StringIndexOutOfBoundsException in JvmRouteValve when JSESSIONID is passed without jvmRoute
> -------------------------------------------------------------------------------------------
>
> Key: JBAS-5810
> URL: https://jira.jboss.org/jira/browse/JBAS-5810
> Project: JBoss Application Server
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Web (Tomcat) service
> Affects Versions: JBossAS-4.2.3.GA
> Reporter: Takayoshi Kimura
> Assignee: Takayoshi Kimura
>
> To reproduce, run the following command for clustered web application *twice*.
> curl -v --cookie JSESSIONID=aaaaa http://localhost:8080/test/index.jsp
> This problem doesn't exist in JBoss 5, it has been fixed within r63817 commit.
> ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
> java.lang.StringIndexOutOfBoundsException: String index out of range: -1
> at java.lang.String.substring(String.java:1768)
> at org.jboss.web.tomcat.service.session.JvmRouteValve.handleJvmRoute(JvmRouteValve.java:172)
> at org.jboss.web.tomcat.service.session.JvmRouteValve.checkJvmRoute(JvmRouteValve.java:112)
> at org.jboss.web.tomcat.service.session.JvmRouteValve.invoke(JvmRouteValve.java:81)
> at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
> at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
> at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:437)
> at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:381)
> at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
> at java.lang.Thread.run(Thread.java:595)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list