JSESSIONID problem. 2004-02-04 - By Papillon
Back
You say both IE are sames but you seems to have two differents OS windows
XP(server 2003 ?) and windows 2000
You've a lot security problems with XP so with cookies too.
Try to set the security very low, accept all type of cookies temporaly to be
sure it's not a security's windows problem...
Papillon
> De�: "Chugh, Sanjay" <schugh@(protected)>
> R�pondre �: "Tomcat Users List" <tomcat-user@(protected)>
> Date�: Wed, 4 Feb 2004 15:52:46 -0700
> : "Tomcat Users List" <tomcat-user@(protected)>
> Objet�: JSESSIONID problem.
>
> Thanks. I have changed the subject because it better reflects the
> problem after some analysis. Thanks to Papillon for suggesting to use
> burp proxy. However, now I am at a loss to explain the behaviour after
> analyzing the log from burp proxy.
> When I run IE on my box and target TomCat on my box, and I click on a
> link in my app which launches another window, the http header is:
>
> =====================================================> http://schughpc:8080
[10.32.2.41]
> =====================================================> GET /Workplace
/FormServlet?cmd=blank&context=form HTTP/1.0
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> application/vnd.ms-excel, application/vnd.ms-powerpoint,
> application/msword, application/x-shockwave-flash, */*
> Referer:
> http://localhost:8080/Workplace/properties/DocumentForm.jsp?policyObject
> StoreName�orms&objectStoreName�orms&vsId=%7B0A1D7877-B64B-4927-B698-
> 9642C6DB6B60%7D&windowIdV657&policyId=%7B14CBF1E8-606C-4D7F-AE88-54033
> 5681DD7%7D&returnUrl=http%3A%2F%2Flocalhost%3A8080%2FWorkplace%2FWcmBrow
> se.jsp%3FwindowId%3DmainWindow&id=%7B8121190B-BF94-454D-92EB-2262A3FD71D
> E%7D
> Accept-Language: en-us
> Proxy-Connection: Keep-Alive
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR
> 1.0.3705)
> Host: schughpc:8080
>
>
> =====================================================>
> Here you can see the JSESSIONID cookie is missing when it was present in
> all the headers grabbed by burp proxy prior to this one.
>
> When I run IE on another machine but still target TomCat on my machine,
> the http header for the same request looks like:
>
> =====================================================> http://schughpc:8080
[10.32.2.41]
> =====================================================> GET /Workplace
/FormServlet?cmd=blank&context=form HTTP/1.0
> Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
> Referer:
> http://schughpc:8080/Workplace/properties/DocumentForm.jsp?policyObjectS
> toreName�orms&objectStoreName�orms&vsId=%7B0A1D7877-B64B-4927-B698-9
> 642C6DB6B60%7D&windowId�588&policyId=%7B14CBF1E8-606C-4D7F-AE88-540335
> 681DD7%7D&returnUrl=http%3A%2F%2Fschughpc%3A8080%2FWorkplace%2FWcmBrowse
> .jsp%3FwindowId%3DmainWindow&id=%7B8121190B-BF94-454D-92EB-2262A3FD71DE%
> 7D
> Accept-Language: en-us
> Proxy-Connection: Keep-Alive
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR
> 1.0.3705)
> Host: schughpc:8080
> Cookie: JSESSIONIDhAF13A9B0FE3C8A200BDB594E753ECC
>
>
> =====================================================>
> You can see the cookie is present.
> The requests afterwards use this cookie and everything works fine.
>
> However in the latter case (where the cookie is missing), the next
> request receives a new cookie and everything starts falling apart.
>
> IE on both machine is set up identically.
>
> If anyone knows or has any suggestions as to the problem, it would be
> much appreciated.
>
> Thanks,
>
> -- Sanjay
>
>
> -- --Original Message-- --
> From: Papillon [mailto:leakim@(protected)]
> Sent: Wednesday, February 04, 2004 2:02 PM
> To: Tomcat Users List
> Subject: Re: Is this a Tomcat problem? Someone please point me in
> theright direction to solve this problem...
>
>
> Try burp proxy (Thanks again Mr Yansheng Lin) to see differences. Your
> server have only one ip ? No NAT on your network ? WAN adress ? My
> problem is not the same but perhaps it can help you in research :
> http://www.mail-archive.com/tomcat-user@(protected)/msg117526.htm
> l
>
> Good luck !
>
>
>
>> De�: "Chugh, Sanjay" <schugh@(protected)>
>> R�pondre �: "Tomcat Users List" <tomcat-user@(protected)>
> Date�
>> : Wed, 4 Feb 2004 12:43:40 -0700 : "Tomcat Users List"
>> <tomcat-user@(protected)> Objet�: Is this a Tomcat problem?
>> Someone please point me in the right direction to solve this
>> problem...
>>
>> I am part of a large team working on a java project with Tomcat. We
>> are using jdk1.3.1 and Tomcat 4.1.18. The problem is that the latest
>> build of our application has a problem on my machine. I've tracked it
>> down to what seems like a problem with the session. When code that
>> retreives information from the session is executed, it is not giving a
>
>> valid result back. The part that I am having problem with is that it
>> is a problem only on my machine. In fact if I hit the Tomcat server on
>
>> my machine from another machine on the network, then everything works
>> fine as well. The same is true if I hit the Tomcat server on my
>> machine from a virtual machine running also on my machine. It is only
>> when I run the application itself on my machine. I did just check one
>> other thing. That is I started IE on my machine but hit the tomcat
>> server on another physical machine. This time the application worked
>> fine on my machine. This is all very confusing, and I am at a loss to
>> explain what is is on my machine or my tomcat server that is causing a
>
>> problem.
>>
>> I've compared the different machine configuration (they are all pretty
>
>> similar). The Internet Explore options on all the machines are
>> identical.
>>
>> I would apreciate any ideas someone might have to offer.
>>
>> Thanks,
>>
>>
>> -- Sanjay
>>
>>
>> -- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
>> To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
>> For additional commands, e-mail: tomcat-user-help@(protected)
>>
>
>
> -- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
> For additional commands, e-mail: tomcat-user-help@(protected)
>
>
>
>
> -- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
> For additional commands, e-mail: tomcat-user-help@(protected)
>
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)
|
|
