[
https://issues.apache.org/jira/browse/WICKET-4550?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13272859#comment-13272859
]
Chris Colman commented on WICKET-4550:
--------------------------------------
After 4334 was fixed we confirmed that Wicket was serving static resources
without creating a new session - and this is perfect. Static resources should
never need a session in order to serve them (definition of static - unchanging
regardless of session).
If you are seeing a session being created now then maybe your code is creating
one somehow or something has changed in Wicket since the release we tested that
now does create a session even though it is not needed.
>From memory the problem in the Wicket code was a call to "get session" style
>of method that really was only checking if there was a session, it didn't
>really need a session, but it in fact created one in the process if there
>wasn't one.
Check that you don't have any other filters in the chain in web.xml that might
be creating a session. We use exPOJO for Dependency Injection and we need to
tell it to ignore requests for wicket resources that have the path
wicket/resource like this:
<filter>
<filter-name>exPOJO Filter</filter-name>
<filter-class>com.sas.framework.expojo.servlet.ExpojoServletFilter</filter-class>
<!-- exPOJO uses 'startsWith' method to match, not any regular
expression matching so
don't use blah/* here -->
<init-param>
<param-name>ignorePaths</param-name>
<param-value>wicket/resource/,robots.txt,index.html,static/,css/,images/,swf/,fckeditor</param-value>
</init-param>
</filter>
> jsessionid is not added to resources if cookies are disabled by the server
> --------------------------------------------------------------------------
>
> Key: WICKET-4550
> URL: https://issues.apache.org/jira/browse/WICKET-4550
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.5.5
> Reporter: Michael Bruns
> Attachments: jsessionid-quickstart.tar.gz
>
>
> When I configure the container (either Jetty or Tomcat) to not support
> cookies, I expect the jsessionid to be added to all resource links in the
> page. However, with Wicket 1.5.5 this isn't the case, i.e. all URLs are
> lacking the jsessionid, both in development and deployment mode.
> Example IS:
> <script type="text/javascript"
> src="wicket/resource/org.apache.wicket.markup.html.WicketEventReference/wicket-event-ver-1331911540000.js"></script>
> Example SHOULD:
> <script type="text/javascript"
> src="wicket/resource/org.apache.wicket.markup.html.WicketEventReference/wicket-event-ver-1331911540000.js;jsessionid=${something}"></script>
> This creates a new session for each and every resource in the page, which is
> an undesirable behavior. I have found a few issues regarding this topic, e.g.
> WICKET-4334 and WICKET-4312, but none of them could give me a clue about why
> it doesn't work the way I expect it. In Wicket 1.4.x the jsessionid was added
> to all resource links, so everything worked fine and the current session was
> reused.
> I created a quickstart do demonstrate the behavior - please see the attached
> file. The file jetty-web.xml tells Jetty to not support cookies, so mvn
> jetty:run can be run without any further configuration.
> By the way, I found a suggestion to use a custom IResourceCachingStrategy to
> append the jsessionid (or whatever) to URLs of resources in the archive of
> the mailinglist. Unfortunately, this doesn't work because the URL is encoded
> afterwards and the ; is turned into %3B.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
