Hi, I seem to have found a problem in tomcat 6.0.35 that did not exist in 6.0.32 or prior to that version that I would like to know if I should file as a bug or if it exists a solution to it (it seems to be a coding bug but just in case, I run tomcat on a MAC).
The problem occurs when sending a POST request which contains a JSESSIONID (for example going directly to a page containing a login module and trying to get access by logging in). In tomcat 6.0.32 and prior the JSESSIONID was removed from the requestURL by the method parseSessionId in the class org.apache.catalina.connector.CoyoteAdapter (which was called by method postParseRequest). In tomcat 6.0.35 I can see that the method parseSessionId has been rewritten and deprecated (@deprecated Not used since 6.0.30) , but the checkin version is wrong since it was still in use in tomcat 6.0.32. Now to my problem/question. Is it just a bug that the method parseSessionId is no longer called by the method postParseRequest or how/where should the JSESSIONID be removed from the requestURL? Or could it be on purpose that the JSESSIONID no longer is removed from the requestURL? I would really appreciate if anybody could come with information regarding if this is a bug or a new expected behavior. Kind Regards, Daniel Pyykkö Software Developer Senselogic AB
