OFBiz OFBiz - Dev

[jira] Created: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Created: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Nicolas Malin (Jira)
CrossSubdomainSessionValve for Tomcat
-------------------------------------

                 Key: OFBIZ-1980
                 URL: https://issues.apache.org/jira/browse/OFBIZ-1980
             Project: OFBiz
          Issue Type: Improvement
          Components: framework
    Affects Versions: SVN trunk
            Reporter: Mridul Pathak
             Fix For: SVN trunk


Different session is create if user moves from one subdomain to another one for the same host.  For example if someone moves from web.localdomain to secure.localdomain or vice versa a new seesion is created and session attributes are different on different subdomains.  The session attributes available in previous subdomain are not available to the new subdomain.  The patch provided fix this problem.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Updated: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Nicolas Malin (Jira)

     [ https://issues.apache.org/jira/browse/OFBIZ-1980?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mridul Pathak updated OFBIZ-1980:
---------------------------------

    Attachment: CrossSubdomainSessionValve.patch

Here is the patch.  Thanks to Andrew for guiding me.  Thanks to Pranay Pandey and Chirag Manocha for extensively testing the patch.

> CrossSubdomainSessionValve for Tomcat
> -------------------------------------
>
>                 Key: OFBIZ-1980
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-1980
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Mridul Pathak
>             Fix For: SVN trunk
>
>         Attachments: CrossSubdomainSessionValve.patch
>
>
> Different session is create if user moves from one subdomain to another one for the same host.  For example if someone moves from web.localdomain to secure.localdomain or vice versa a new seesion is created and session attributes are different on different subdomains.  The session attributes available in previous subdomain are not available to the new subdomain.  The patch provided fix this problem.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Commented: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Nicolas Malin (Jira)
In reply to this post by Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-1980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12636720#action_12636720 ]

Andrew Zeneski commented on OFBIZ-1980:
---------------------------------------

This is great work and I am happy to hear that it works properly. This is ready for committing to the catalina component.

> CrossSubdomainSessionValve for Tomcat
> -------------------------------------
>
>                 Key: OFBIZ-1980
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-1980
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Mridul Pathak
>             Fix For: SVN trunk
>
>         Attachments: CrossSubdomainSessionValve.patch
>
>
> Different session is create if user moves from one subdomain to another one for the same host.  For example if someone moves from web.localdomain to secure.localdomain or vice versa a new seesion is created and session attributes are different on different subdomains.  The session attributes available in previous subdomain are not available to the new subdomain.  The patch provided fix this problem.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Commented: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Nicolas Malin (Jira)
In reply to this post by Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-1980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12636724#action_12636724 ]

Joe Eckard commented on OFBIZ-1980:
-----------------------------------

Can't you solve this problem by setting the session cookie domain to ".somewebsite.com"? That would cover "www.somewebsite.com", "secure.somewebsite.com". etc.

> CrossSubdomainSessionValve for Tomcat
> -------------------------------------
>
>                 Key: OFBIZ-1980
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-1980
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Mridul Pathak
>             Fix For: SVN trunk
>
>         Attachments: CrossSubdomainSessionValve.patch
>
>
> Different session is create if user moves from one subdomain to another one for the same host.  For example if someone moves from web.localdomain to secure.localdomain or vice versa a new seesion is created and session attributes are different on different subdomains.  The session attributes available in previous subdomain are not available to the new subdomain.  The patch provided fix this problem.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Commented: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Nicolas Malin (Jira)
In reply to this post by Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-1980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12636743#action_12636743 ]

Scott Gray commented on OFBIZ-1980:
-----------------------------------

That would be a much easier way of doing things, but unfortunately Tomcat doesn't give you that option:
http://www.google.co.nz/search?hl=en&q=tomcat+set+session+cookie+domain&btnG=Google+Search&meta=


> CrossSubdomainSessionValve for Tomcat
> -------------------------------------
>
>                 Key: OFBIZ-1980
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-1980
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Mridul Pathak
>             Fix For: SVN trunk
>
>         Attachments: CrossSubdomainSessionValve.patch
>
>
> Different session is create if user moves from one subdomain to another one for the same host.  For example if someone moves from web.localdomain to secure.localdomain or vice versa a new seesion is created and session attributes are different on different subdomains.  The session attributes available in previous subdomain are not available to the new subdomain.  The patch provided fix this problem.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Commented: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Nicolas Malin (Jira)
In reply to this post by Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-1980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12636747#action_12636747 ]

Joe Eckard commented on OFBIZ-1980:
-----------------------------------

I see - my mistake. I use the jetty container (which has support for this) and assumed Tomcat would work the same way.

> CrossSubdomainSessionValve for Tomcat
> -------------------------------------
>
>                 Key: OFBIZ-1980
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-1980
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Mridul Pathak
>             Fix For: SVN trunk
>
>         Attachments: CrossSubdomainSessionValve.patch
>
>
> Different session is create if user moves from one subdomain to another one for the same host.  For example if someone moves from web.localdomain to secure.localdomain or vice versa a new seesion is created and session attributes are different on different subdomains.  The session attributes available in previous subdomain are not available to the new subdomain.  The patch provided fix this problem.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Assigned: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Nicolas Malin (Jira)
In reply to this post by Nicolas Malin (Jira)

     [ https://issues.apache.org/jira/browse/OFBIZ-1980?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Scott Gray reassigned OFBIZ-1980:
---------------------------------

    Assignee: Scott Gray

> CrossSubdomainSessionValve for Tomcat
> -------------------------------------
>
>                 Key: OFBIZ-1980
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-1980
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Mridul Pathak
>            Assignee: Scott Gray
>             Fix For: SVN trunk
>
>         Attachments: CrossSubdomainSessionValve.patch
>
>
> Different session is create if user moves from one subdomain to another one for the same host.  For example if someone moves from web.localdomain to secure.localdomain or vice versa a new seesion is created and session attributes are different on different subdomains.  The session attributes available in previous subdomain are not available to the new subdomain.  The patch provided fix this problem.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Closed: (OFBIZ-1980) CrossSubdomainSessionValve for Tomcat

Nicolas Malin (Jira)
In reply to this post by Nicolas Malin (Jira)

     [ https://issues.apache.org/jira/browse/OFBIZ-1980?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Scott Gray closed OFBIZ-1980.
-----------------------------

    Resolution: Fixed

Thanks Mridul and co., committed in rev. 701564

Note: I made one small change, switched from logInfo to logVerbose to reduce the amount of noise created in the logs


> CrossSubdomainSessionValve for Tomcat
> -------------------------------------
>
>                 Key: OFBIZ-1980
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-1980
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Mridul Pathak
>            Assignee: Scott Gray
>             Fix For: SVN trunk
>
>         Attachments: CrossSubdomainSessionValve.patch
>
>
> Different session is create if user moves from one subdomain to another one for the same host.  For example if someone moves from web.localdomain to secure.localdomain or vice versa a new seesion is created and session attributes are different on different subdomains.  The session attributes available in previous subdomain are not available to the new subdomain.  The patch provided fix this problem.

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Free forum by Nabble Edit this page