[
https://issues.apache.org/jira/browse/CXF-3112?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12929276#action_12929276
]
David Hagar commented on CXF-3112:
----------------------------------
I've gotten the CXF source running, and created a simple unit test that sets
the two cookies (JSESSIONID and SPRING_SECURITY_REMEMBER_ME_COOKIE) with the
exact values that gave me trouble in my live environment. However, I quickly
ran into different behavior (maybe because I checked out the latest source?
maybe because of the unit test environment?), which I believe is still wrong.
In the AbstractClient#setResponseBuilder method when executed via the unit
tests my two cookies are fetched as a single value, so
entry.getValue().size() == 1 (and I did double check in my live environment
that I hadn't been hallucinating the size being two)
and entry.getValue() == "JSESSIONID=0475F7F30A26E5B0C15DF5B3489AE569;
Path=/userservice,SPRING_SECURITY_REMEMBER_ME_COOKIE=MktUaGkrVXZjQ09RRzdleFl1QUpEZz09OlcxemFySE5jQTlMcVAyeENva28vRmc9PQ;
Expires=Sat, 20-Nov-2010 19:11:32 GMT; Path=/userservice Expires=Thu,
01-Oct-2020 23:44:22 GMT; Path=/"
Because they are collapsed into a single value, the cookies are not split at
all, and the response returns a single cookie.
While this behavior is better than that described above of returning three
cookies, it still seems sub-optimal.
In JAXRSClientServerBookTest, I added:
@Test
public void testSetTwoCookieWebClient() throws Exception {
WebClient client = WebClient.create("http://localhost:"; + PORT +
"/bookstore/settwocookies");
Response r = client.type("*/*").get();
assertEquals(200, r.getStatus());
List<Object> cookies = r.getMetadata().get("Set-Cookie");
assertNotNull(cookies);
assertEquals(2, cookies.size());
}
In BookStore.java, I added:
@GET
@Path("settwocookies")
public Response setTwoCookies() {
return
Response.ok().header("Set-Cookie","JSESSIONID=0475F7F30A26E5B0C15DF5B3489AE569;
Path=/userservice")
.header("Set-Cookie",
"SPRING_SECURITY_REMEMBER_ME_COOKIE=MktUaGkrVXZjQ09RRzdleFl1QUpEZz09Olcxem"
+
"FySE5jQTlMcVAyeENva28vRmc9PQ; Expires=Sat, 20-Nov-2010 19:11:32 GMT;
Path=/userservice"
+ " Expires=Thu, 01-Oct-2020 23:44:22
GMT; Path=/")
.build();
}
> Further problem with cookies in Jax-RS (similar to closed issue 3035)
> ---------------------------------------------------------------------
>
> Key: CXF-3112
> URL: https://issues.apache.org/jira/browse/CXF-3112
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS
> Affects Versions: 2.3.0, 2.2.11
> Reporter: David Hagar
>
> Prior to version 2.2.11, multiple cookies were not handled properly by the
> method
> org.apache.cxf.jaxrs.client.AbstractClient#setResponseBuilder(HttpURLConnection,
> Exchange) -- this was resolved for some cookies, but it still breaks for
> others. Specifically, any cookie that contains an "Expires" field now gets
> split into two objects by the aforementioned method.
> For example, if the header is:
> Set-Cookie: com.wm.visitor=10789493347; Domain=.walmart.com; Expires=Thu,
> 01-Oct-2020 23:44:22 GMT; Path=/
> Then response.getMetadata().get("Set-Cookie"); will return an array of length
> 2, with values = {" com.wm.visitor=10789493347; Domain=.walmart.com;
> Expires=Thu", "01-Oct-2020 23:44:22 GMT; Path=/"
> I'm pretty sure this is a conflict of the code looking for date related
> headers conflicting with the code looking for cookie related headers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
