jsessionid and cookie :

Hi,

We make use of an eternal payment provider in a similar manner to how PayPal works. In fact the PayPal code formed the basis of our integration, so thank you to those who contributed.

I do unfortunately have a session problem I dont really understand. With OFBiz deployed on my laptop and configured to point to the payment provider I am able to redirect to the payment provider who inturn can successfully redirect back to me and my current session. See http headers below :

Local Laptop ---> Session handling works fine

(Request-Line)    GET /a4u-ecommerce/control/processorder HTTP/1.1
Host    afu-xplanner.dyndns.biz:18443
User-Agent    Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042523 Ubuntu/8.10 (intrepid) Firefox/3.0.10
Accept    text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language    en-us,en;q=0.5
Accept-Encoding    gzip,deflate
Accept-Charset    ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive    300
Connection    keep-alive
Referer    https://afu-xplanner.dyndns.biz:18443/a4u-ecommerce/control/checkoutoptions
Cookie    JSESSIONID=216DA233BB0705D5F98EE2461DB67690.jvm1; OFBiz.Visitor=12600; a4u-ecommerce.autoUserLoginId=gedwards

(Request-Line)    POST /concord2/go/pay.jsp HTTP/1.1
Host    secure.portaluniverse.com
User-Agent    Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042523 Ubuntu/8.10 (intrepid) Firefox/3.0.10
Accept    text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language    en-us,en;q=0.5
Accept-Encoding    gzip,deflate
Accept-Charset    ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive    300
Connection    keep-alive
Referer    https://secure.portaluniverse.com/concord2/go/pay.jsp?id=0001&order_number=WSSSCOA4U11880&app_id=africa4you&amount=206.70&currency=ZAR&cancel_url=https%3A%2F%2Fafu-xplanner.dyndns.biz%3A18443%2Fa4u-ecommerce%2Fcontrol%2FcancelPortalUniverseOrder&return_url=https%3A%2F%2Fafu-xplanner.dyndns.biz%3A18443%2Fa4u-ecommerce%2Fcontrol%2FportalUniverseNotification&hash=61f16acb5defe8ddbc2115af5a25a2b7〈=EN
Cookie    JSESSIONID=4543293330da81acd37d3007489390f9c4162de1054f.e38Mc3eQb3uLaO0Ma40
Content-Type    application/x-www-form-urlencoded
Content-Length    393



However on our staging server the same code base does not handle the session tracking at all. Not totally understanding session tracking I am finding this a bit difficult to get to the bottom of, any help would be appreciated. Below are the http headers from the staging server, for me the most noteable difference  is that the JSESSIONID is missing from the cookie during the out going request??

(Request-Line)    GET /a4u-ecommerce/control/processorder;jsessionid=B662ADD66920B6B82EFA6D6826BF53C4.jvm1 HTTP/1.1
Host    www.africa4you.co.za
User-Agent    Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042523 Ubuntu/8.10 (intrepid) Firefox/3.0.10
Accept    text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language    en-us,en;q=0.5
Accept-Encoding    gzip,deflate
Accept-Charset    ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive    300
Connection    keep-alive
Referer    https://www.africa4you.co.za/a4u-ecommerce/control/checkoutoptions;jsessionid=B662ADD66920B6B82EFA6D6826BF53C4.jvm1
Cookie    OFBiz.Visitor=12410; a4u-ecommerce.autoUserLoginId=gedwards



(Request-Line)    POST /concord2/go/pay.jsp HTTP/1.1
Host    secure.portaluniverse.com
User-Agent    Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042523 Ubuntu/8.10 (intrepid) Firefox/3.0.10
Accept    text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language    en-us,en;q=0.5
Accept-Encoding    gzip,deflate
Accept-Charset    ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive    300
Connection    keep-alive
Referer    https://secure.portaluniverse.com/concord2/go/pay.jsp?id=0001&order_number=WSSCOA4U11810&app_id=africa4you&amount=206.70&currency=ZAR&cancel_url=https%3A%2F%2Fwww.africa4you.co.za%2Fa4u-ecommerce%2Fcontrol%2FcancelPortalUniverseOrder&return_url=https%3A%2F%2Fwww.africa4you.co.za%2Fa4u-ecommerce%2Fcontrol%2FportalUniverseNotification&hash=a9adef15645d64476f100a823fd3721a〈=EN>
Cookie    JSESSIONID=4543293330da321c3ebc7e8349cfb47adcd659e1bc28.e38Mc3eQb3uLaO0Ma40
Content-Type    application/x-www-form-urlencoded
Content-Length    393


Kind regards

Grant Edwards