Integration

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

JSESSIONID changes

807567Feb 27 2009 — edited Mar 3 2009

Hello,

We have a problem with JSESSIONID. We have two servlets that should share the same JSESSIONID. Sometimes this is not the case and it changes. I would appreciate any help in this issue. This happens in 1/500 cases.

https://server.com/MyServlet ( response.sendRedirect ) -> https://server.com/resource/MyOtherServlet

https://server.com/resource/ is protected with JAAS and https://server.com/resource/MyOtherServlet configured:

<security-constraint>
    <web-resource-collection>
	<web-resource-name>Protected Area</web-resource-name>
	<url-pattern>/resource/*</url-pattern>
	<http-method>DELETE</http-method>
	<http-method>GET</http-method>
	<http-method>POST</http-method>
	<http-method>PUT</http-method>
    </web-resource-collection>
    <login-config>
      <auth-method>myRealm</auth-method>
    </login-config>
    <auth-constraint>
      <role-name>myrole</role-name>
    </auth-constraint>
  </security-constraint>

 <security-constraint>
     <web-resource-collection>
	<web-resource-name>Free Area</web-resource-name>
	<url-pattern>/resource/MyOtherServlet</url-pattern>
	<http-method>GET</http-method>
       <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>ANYONE</role-name>
    </auth-constraint>
  </security-constraint>

Server version: Sun Java System Web Server 7.0U3 B06/16/2008 12:00

Locked Post

New comments cannot be posted to this locked post.

Locked on Mar 31 2009

Added on Feb 27 2009

#application-servers, #java-system-web-server

1 comment

221 views