DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42367>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42367 Summary: cookies=false setting in context.xml not being honored Product: Tomcat 5 Version: 5.0.28 Platform: PC OS/Version: Windows XP Status: NEW Severity: normal Priority: P3 Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] The cookies attribute in the <Context> element within a context.xml file deployed as part of a webapp is not being honored. A cookie containing the session id is always being included within an HTTP response even when cookies="false" is used. Both url rewriting and creating a cookie occurs. Sample servlet and client code is included below as well as the web.xml and context.xml files. package test; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import javax.servlet.ServletException; import java.io.IOException; import java.io.PrintWriter; public class SimpleServlet extends HttpServlet { public void init() throws ServletException { super.init(); System.out.println("Inside servlet init"); } protected void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { System.out.println("Inside doPost"); HttpSession session = req.getSession(true); String id = session.getId(); System.out.println("Session id " + id); session.setAttribute("hello", "there"); String requestUrl = req.getRequestURL().toString(); String responseUrl = requestUrl + "?parameter=ABCD"; String encodedResponse = res.encodeURL(responseUrl); PrintWriter pw = res.getWriter(); pw.write(encodedResponse); pw.close(); } protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException { System.out.println("Inside doGet"); HttpSession session = httpServletRequest.getSession(false); String id = session.getId(); System.out.println("Session id " + id); } } -------------------------------------- package test; import java.net.HttpURLConnection; import java.net.URL; import java.io.OutputStream; import java.io.InputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; public class SimpleClient { public static void main(String [] args) throws IOException { new SimpleClient(args[0]); } public SimpleClient(String urlString) throws IOException { HttpURLConnection connection = (HttpURLConnection) (new URL(urlString).openConnection()); connection.setDoOutput(true); connection.setDoInput(true); connection.setRequestMethod("POST"); OutputStream os = connection.getOutputStream(); byte [] request = "This is a request".getBytes(); os.write(request); os.flush(); InputStream is = connection.getInputStream(); int byteVal; ByteArrayOutputStream baos = new ByteArrayOutputStream(1000); while ((byteVal = is.read()) != -1) { baos.write(byteVal); } String response = baos.toString(); System.out.println("response " + response); HttpURLConnection conn2 = (HttpURLConnection) (new URL(response).openConnection()); conn2.setRequestMethod("GET"); InputStream is2 = conn2.getInputStream(); is2.close(); } } ---------------------------------------- <Context debug="10" cookies="false"> </Context> ---------------------------------------- <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <display-name>Simple Servlet Example</display-name> <description>Simple Servlet for Cookie Handling</description> <servlet> <servlet-name> simple </servlet-name> <servlet-class> test.SimpleServlet </servlet-class> <load-on-startup>1</load-on-startup> </servlet> <!-- servlet URL mappings --> <servlet-mapping> <servlet-name> simple </servlet-name> <url-pattern> /servlet/simple </url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name> simple </servlet-name> <url-pattern> /simple </url-pattern> </servlet-mapping> </web-app> ------------------------------------- And here is the HTTP traffic showing both the session id encoded in the URL and put into a cookie: ----------------------------------------- POST /simple/simple HTTP/1.1 User-Agent: Java/1.5.0_11 Host: damoss-w2:4444 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive Content-type: application/x-www-form-urlencoded Content-Length: 17 This is a requestGET /simple/simple;jsessionid=B5CB8ED94229822852E390E6503FB887?parameter=ABCD HTTP/1.1 User-Agent: Java/1.5.0_11 Host: damoss-w2:4444 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive -------------------------------------------------- HTTP/1.1 200 OK Set-Cookie: JSESSIONID=B5CB8ED94229822852E390E6503FB887; Path=/simple Content-Length: 94 Date: Tue, 08 May 2007 23:14:53 GMT Server: Apache-Coyote/1.1 http://damoss-w2:4444/simple/simple;jsessionid=B5CB8ED94229822852E390E6503FB887?parameter=ABCDHTTP/1.1 200 OK Content-Length: 0 Date: Tue, 08 May 2007 23:14:54 GMT Server: Apache-Coyote/1.1 -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]