Re: BugRat Report #380 has been filed.

Tue, 14 Nov 2000 11:49:35 -0800 

As close as I can tell, SessionInterceptor needs to be called first to
parse the url sessionid out of the URL before it can be context mapped. 
StandardSessionInterceptor lets you work with the sessions once you know
which context the request is going to.  I've done some work in there,
but I won't claim to know the original motivation for seperating them
other than what is listed above.

It might be possible to check the URL based session IDs in the same
place as we check multiple cookies to find a valid one.

Paul

Hans Bergsten wrote:
> 
> BugRat Mail System wrote:
> >
> > Bug report #380 has just been filed.
> > [...]
> > Environment:
> >    Release: 3.2 Beta 7
> >    JVM Release: 1.3
> >    Operating System: Linux/NT
> >    OS Release: 2.2.16/4
> >    Platform: any
> >
> > Synopsis:
> > Sessions don't work without cookies
> >
> > Description:
> > If Cookies are turned off in a browser the
> >  session-management by url-rewriting does not work.
> > This bug was introduced by 3.2 beta6 and is still around
> >  in beta7
> 
> This is serious enough to warrant a fix before 3.2 goes final, IMHO.
> It used to work in 3.1 and the earlier 3.2 betas so it's a regression
> bug.
> 
> I started to look at this one, and noticed that there are two interceptors
> that deal with sessions:
> * SessionInterceptor, seems to deal with session IDs in the URL but
>   doesn't care about cookies. This one is invoked first.
> * StandardSessionInterceptor, seems to deal with session IDs received
>   as cookies but doesn't care about session IDs in the URL.
> 
> Before I start hacking here, can someone tell me why there are two
> interceptors and what the intention with the two are?
> 
> Hans
> --
> Hans Bergsten           [EMAIL PROTECTED]
> Gefion Software         http://www.gefionsoftware.com
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to