This is same problem I so awkwardly brought up this morning. The
examples work on Netscape 6, Mozilla 0.7, Lynx and even IE5 but not on
Netscape 4.72.
Rick
Gordon Maclean wrote:
>
> Using netscape 4.7x on either solaris, linux or windows, the
> struts-example fails, because I am bounced between two different
> sessions.
>
> The symptom indicates to me that netscape keeps separate lists
> of cookies for the following URLs:
>
> http://myhost
> http://myhost:80
>
> As one goes through the struts example, the URL is
> sometimes displayed as myhost, and sometimes as myhost:80,
> and I am never allowed past the login because the user
> information is kept in a session associated with myhost,
> and can't be found in a session associated with myhost:80.
>
> Environment: struts nightly download as of Feb 12, 2001.
> Tomcat 3.2.1, mod_jk, apache 1.3.12 on RH7.
>
> I have all cookies enabled in netscape preferences, with
> "Warn before accepting a cookie" also turned on for debugging.
>
> 1. When I try the struts-example with the following URL:
>
> http://myhost/struts-example
>
> Netscape asks if I want to send the cookie JSESSIONID=f78s0eymd1,
> and I click OK.
>
> 2. I select the "Log on ..." link. Then the logon form is displayed at
> a
> URL of
> http://myhost:80/struts-example/logon.jsp;jsessionid=f78s0eymd1
>
> Note the cookie in the URL because struts doesn't yet know if my browser
> accepts cookies. Also note the port number 80 in the URL.
>
> 3. I enter user:pass and Submit.
>
> LogonAction logs the following message:
>
> 2001-02-15 01:59:47 - path="/struts-example" :action: LogonAction:
> User 'user' logged on in session f78s0eymd1
>
> The mainMenu.jsp page is displayed, with a URL:
>
> http://myhost/struts-example/logon.do;jsessionid=f78s0eymd1
>
> (note no port number is in the URL)
>
> 4. Then, when I select "Edit your" the netscape question box pops up
> asking if I want to send a cookie JSESSIONID=ynsmafyqr1.
> The URL is shown as
> http://myhost:80/struts-example/editRegistration.do?action=Edit
>
> This shouldn't happen, it should use the first session id!
>
> 5. When I click on OK, then, EditRegistrationAction logs the following
> error:
>
> 2001-02-15 02:00:55 - path="/struts-example" :action: User is not
> logged on in session ynsmafyqr1
>
> The logon.jsp form is again displayed. If I enter user:pass, then
> LogonAction reports a successfull login in session f78s0eymd1
> (the first session id again!)
>
> When I select "Edit ..." I get the same error from
> EditRegistrationAction about "User is not logged on in session
> ynsmafyqr1".
> And so on, ad-infinitum.
>
> If I disable cookies in netscape preferences, then things
> work with URL rewriting, and EditRegistrationAction forwards me to
> registration.jsp.
>
> The problem also does not show up with IE 5.
>
> Also, at step 4, if I manually enter a URL of:
> http://myhost/struts-example/editRegistration.do?action=Edit
> then EditRegistrationAction succeeds and forwards to registration.jsp.
>
>
> If I am right about netscape keeping separate cookie lists, then perhaps
> a workaround is for struts (specifically the html taglib) not to add
> the port number when generating URLs?
>
> I haven't tested this solution.
>
> Someone must have run into it also?
>
> Gordon Maclean
>
> --
> *****************************************************
> Gordon Maclean, Software Engineer, 303 497-8794
> Nat'l Center for Atmospheric Research, Boulder CO USA
> *****************************************************
