Hi Saradhi again!, and Steve,
The other technique to maintain session is 'URL rewriting'.
I have just info that Apache has a module to enable which is
called 'mod_rewrite'. But I don't know the details.
If TOCAT & AXIS support 'URL rewriting', it might be a good
hint to going well.
And also, I know that weblogic has a functionality to change
the name of Cookie from the default; 'JSESSIONID'. But I'm not
sure Tomcat has an API to do so. Even if we could use the
mechanism, I have currently no idea for success.
Best Regards,
Toshi (Toshiyuki Kimura) <[EMAIL PROTECTED]>
R&D Headquarters
NTT DATA Corporation
-----Original Message-----
From: Steve Loughran [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 20, 2003 9:40 AM
To: [EMAIL PROTECTED]
Subject: Re: Session Problem
Saradhi Vemuri wrote:
> Hi,
> I have been testing Axis1.0 Rel Under Tomcat 4.1.12
> and sessions are not working properly when we have
> authentication turned on and a WebService is deployed
> as "Session" scope.
>
> On the client setMaintainSession(true) has been done.
>
> When Single Sign On is turned on in tomcat. It sends
> JSESSIONIDSSO cookie. And since the WebService is
> deployed at Session Scope, it sends back a JSESSIONID
> named cookie. However the client returns only the last
> listed cookie in the response.
>
> A result of this is
> 1 - After first call Auth takes place and a new
> WebService object is created for the "new" session.
> 2 - Second request to the WebService results in the
> JSESSIONID being sent and not the JSESSIONIDSSO.
> Which re authenticates me - AND sends a new
> JSESSIONIDSSO.
>
> As a result of this the next request to the Server
> results in only the JSESSIONIDSSO going in and not the
> JSESSIONIDand this leads to my WebService losing
> state.
Could be related to this bug in the code:
http://developer.java.sun.com/developer/bugParade/bugs/4242254.html
java.net doesnt let you set multiple cookies on connections any more.
you could, and someone reported this as a bug, and whoever maintains the
source doesnt understand enough of the HTTP spec (an ongoing issue), so
they turned the feature off.
What happens using the http library from the jakarta commons project &
the latest Axis RC?
