[jboss-jira] [JBoss JIRA] Created: (JBWEB-121) Session Cookie Paths
Matt Wringe (JIRA)
jira-events at lists.jboss.org
Wed Sep 17 15:43:21 EDT 2008
Session Cookie Paths
--------------------
Key: JBWEB-121
URL: https://jira.jboss.org/jira/browse/JBWEB-121
Project: JBoss Web
Issue Type: Bug
Security Level: Public (Everyone can see)
Affects Versions: JBossWeb-2.1.1.GA
Reporter: Matt Wringe
Assignee: Remy Maucherat
JBoss Web 2.1.1.CR6 changed the path of the session cookie from being hardcoded to the root ("/") to that of the webapp's context (see org.apache.catalina.connector.Request configureSessionCookie).
Normally it would be possible to override this and set the session cookies to always have a path of "/" by setting emptySessionPath="true" for the connector, but this is not implemented in JBossWeb (this does of course work fine with upstream Tomcat).
The big issue here is that having an empty session path for session cookies is a requirement for portals, and since JBoss AS5 will be using this version it means that JBoss Portal (and any other portals) will not work with it.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list