[jetty-users] Disappearing Cookies

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jetty-users] Disappearing Cookies

From: Chris Berry <cberry@xxxxxxxxxxxx>
Date: Wed, 17 Jul 2013 16:48:57 +0000
Accept-language: en-US
Delivered-to: jetty-users@xxxxxxxxxxx
Domainkey-signature: a=rsa-sha1; c=nofws; q=dns; s=k1; d=homeaway.com; b=h5kLmVGw85cSP47XgW6AnXoS4JlEMYDWLlOb/FHjYig0QDrILCvLzJSapLqoQI7zWPDr8C/5BkV/ dmIZpSKHlymoo1DKQtH0G58o1b3hDA+3qdPvNZDAQ3QeuM2K/fx5+y70I7GHiuJz9yk3C6Qg7Lvj fBhxTqGFFaqFiFT7z1w=;
List-archive: <https://dev.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>
Thread-index: AQHOgw2HWozpIJXArU+3+rS34FGtQg==
Thread-topic: Disappearing Cookies
User-agent: Microsoft-MacOutlook/14.2.3.120616

Greetings,

We are using Jetty 7.6.5 and are experiencing an odd error.

It appears that this is a Jetty error because when we switch to a different Servlet Engine (i.e. Resin) we do NOT see the same behavior.

But, of course, it could be just another case of pilot error

In a nutshell, we are seeing a Cookie "disappear".

Any ideas ??

Are others seeing this issue ??

Are we perhaps violating some Thread safety concern that we're unaware of ??

Thanks,

Chris Berry

Problem Description

--------------------------

This does not happen consistently and it happens primarily from an AJAX call (although not always)

Here's what we see:

When we execute the following code :

protected String readCookie(HttpServletRequest request) {

Cookie cookies[] = request.getCookies();

Cookie cookie = null;

if (cookies != null) {

for (Cookie nextCookie : cookies) {

if (cookieName.equals(nextCookie.getName())) {

cookie = nextCookie;

break;

}

}

}

String cookieValue = (cookie != null) ? cookie.getValue() : null;

log.info("READING SESSION ID FROM COOKIE (" + cookieValue + ") secure= "

+ ((cookie != null) ? cookie.getSecure() : "Undefined")

+ " [" + request.getRequestURI() + "]");

return cookieValue;

}

We do NOT get a Cookie. Even though we can see that there IS a Cookie Header present.

So we've had to fallback to this code (when the Cookie is NULL):

Where we can successfully pull out the Cookie value we need.

protected String readHeader(HttpServletRequest request) {

String cookieHeaderString = request.getHeader(COOKIE_REQUEST_HEADER_NAME);

if (null == cookieHeaderString || !cookieHeaderString.contains(DEFAULT_COOKIE_NAME)) {

log.info("READING SESSION ID FROM HEADER (No header for Cookie) [" + request.getRequestURI() + "]");

return null;

}

String cookieId = null;

try {

String[] cookies = cookieHeaderString.split(";");

for (String cookie : cookies) {

String[] cookieChunks = cookie.split("=", 2);

if (DEFAULT_COOKIE_NAME.equals(cookieChunks[0].trim())) {

cookieId = cookieChunks[1].trim();

break;

}

}

} catch (Exception e) {

log.warn("Error while retrieving session id from header string: " + cookieHeaderString, e);

}

return cookieId;

}

NOTE: We are not using any cross-domain AJAX requests. This occurs with relative path URLs and also normal page requests.

Follow-Ups:
- Re: [jetty-users] Disappearing Cookies
  - From: Jesse McConnell

Prev by Date: Re: [jetty-users] RE : SSL-handshake more or less broken in Jetty 9.0.3
Next by Date: Re: [jetty-users] Disappearing Cookies
Previous by thread: [jetty-users] SSL-handshake more or less broken in Jetty 9.0.3
Next by thread: Re: [jetty-users] Disappearing Cookies
Index(es):
- Date
- Thread

Breadcrumbs