DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=38759>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38759 Summary: path of JSESSIONID cookie (and possibly others) is passed through incorrectly Product: Tomcat 5 Version: 5.0.30 Platform: Other OS/Version: other Status: NEW Severity: major Priority: P2 Component: Catalina AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] If Apache is used as a proxy in front of tomcat using ProxyPass and ProxyPassreverse with a path different than the path specified in the context of the tomcat webapp, tomcat returns the cookie using the path associated with the context of the webapp instead of the initial request path as seen from the client. i.e. ProxyPass /test http://192.168.1.10/secured ProxyPassReverse /test http://192.168.1.10/secured In this case, the request is submitted to Apache web server as http://somedomain.com/test/index.html, ProxyPass translates this request to http://192.168.1.10/secured/index.html. if a cookie is placed on the request, it should be placed at: domain: somedomain.com path: /test However instead, tomcat places it at: domain: somedomain.com path: /secured When trying to login, Apache ends up logging a 408 error. I have not been able to trace through the code where the cookies are set inside Tomcat. If you set the ProxyPass, ProxyPassReverse to be the same path, this error does not occur, however this severely hinders the flexibility of the proxy. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
