Hi, Currently in HTTPSenderImpl#obtainHTTPHeaderInformation, the Session Cookie string is constructed by checking only JSEESIONID/axis_session from response headers and then adding them as cookie string. It ignores other values which are coming with Set-Cookie from response headers. This will cause issues with session stickiness, if a client application tries to call some services via a load-balancer, where the load-balancer has its own way of handling session stickiness with its own cookie header.
For example, if the requests are going through an Amazon ELB, it expect a cookie named as "AWSELB" to identify the correct node. But this will fail, if the client did not send the that cookie with the request, as axis2 client only sends the JSESSIONID. As a fix, what I'm proposing is, remove the check for specific values (eg : JSESSIONID), and set whatever the Set-Cookie values coming with response headers as the Cookie string value. This will not break any existing apps because, it does not remove any values rather it adds those missing values. WDYT? Thanks, Kishanthan.
