How to make JBoss identify the JSESSIONID if it configured as an Http Query Parameter
Issue
- How to use a http query parameter to set the session id after a http session has been created using a cookie.
- Client-a sends an http-request to a web-app with no session cookie set in the request.
- The server creates a new session and responses with the jsessionid (e.g. ABC123)set as a cookie.
-
Client-a sends now a second request with the jsessionid set as a query paramerter in the request url (e.g. The value of the query parameter is the same session id as the one the server responded to the first request).
-
The server does not recognize the JESSIONID query parameter. The server just sees that there is no jsessionid set as a cookie and creates a new session object.
-
What needs to be done in order to get the server to use the jsessionid which is submitted as a query parameter?
-
The cookies are enabled in the browser. After the first request , the jsessionid cookie is set in the browser as a session has been created. Before the second request, deleted all cookies in the browser and modified my request url like the following:
http//somedomain/web-app?JSESSIONID=PreviouslyCreatedSessionId
-
It is expected that the server evaluates the url parameter JSESSIONID and recognizes that there is a session with the corresponding session id. Unfortunately, this is not happening. Instead the server creates a new session and sets a new session cookie with a new session id.
-
An http post request is send programmatically by a third party application and after that a browser is opened by that third party app using a redirect url which was re-ceived by the response of the previous post.
-
The first post starts a session and receives the cookie. Unfortunately, the other application starts the browser without that cookie.
-
Jboss would recognize that session provided as the Http Query parameter even though there is no cookie.
Environment
- JBoss Enterprise Application Platform (EAP)
- 5.x
- 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
