Good day, everybody.
ShiroHttpServletResponse has overridden encodeURL(String url) method, which
add JSESSIONID parameter to the urls.
So all links in a HTML page inserted using Spring macros (spring.ulr etc)
become invalid.
This happens on the first request, then cookie with session id is not set
yet.
Aforementioned method encodeURL use isEncodeable, which looks like:
protected boolean isEncodeable(final String location) {
if (location == null)
return (false);
// Is this an intra-document reference?
if (location.startsWith("#"))
return (false);
// Are we in a valid session that is not using cookies?
final HttpServletRequest hreq = request;
final HttpSession session = hreq.getSession(false);
1) if (session == null)
return (false);
2) if (hreq.isRequestedSessionIdFromCookie())
return (false);
return doIsEncodeable(hreq, session, location);
}
1) A session has been already created, so session != null
2) but it's a brand new session, so hreq.isRequestedSessionIdFromCookie() ==
false
As result we have, that url will be encoded though cookie are used.
Is it a bug, or I misunderstood something??
Please help :)
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Problem-with-JSESSIONID-tp7579874.html
Sent from the Shiro User mailing list archive at Nabble.com.
