users@glassfish.java.net

Session-ID Problem

From: <glassfish_at_javadesktop.org>
Date: Wed, 21 Oct 2009 09:58:35 PDT

Hi,

I try out today URL rewriting but I got some problems on glassfish v3 b57.

I wrote the following servlet:

public class Servlet extends HttpServlet {

    protected void doGet(HttpServletRequest httpServletRequest,
            HttpServletResponse httpServletResponse) throws ServletException, IOException {
        PrintWriter writer = httpServletResponse.getWriter();

        HttpSession session = httpServletRequest.getSession();

        System.out.println("session=" + session);
        String url = httpServletResponse.encodeURL("sample");
        writer.write("<html><head></head><body><a href='");
        writer.write(url);
        writer.write("'>Enc url: ");
        writer.write(url);
        writer.write("</a></body></html>");
        writer.flush();
        writer.close();
    }
}

The servlet simply generated an encoded URL (should be used in case that cookies are disabled). The line:
HttpSession session = httpServletRequest.getSession();
generated a new session if there is no session, otherwise reuses the session.

The web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
  http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">

    <servlet>
        <servlet-name>myservlet</servlet-name>
        <servlet-class>Servlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>myservlet</servlet-name>
        <url-pattern>/sample</url-pattern>
    </servlet-mapping>
</web-app>

There is no html/jsp page just goto: http://localhost:8080/sample

For this example cookies must be disabled.
After the first call the session is created and with click on the link it should be reused. But glassfish creates with every new click a new session.
I try out this example on tomcat 6 and it works like I expect. Tomcat is reusing the session.

I found some threads for glassfish 2. It seems to be there was similar behavior. The thread gave the advice to extend the sun-web.xml and to add the following lines:
    <session-config>
        <session-properties>
            <property name="enableCookies" value="false" />
            <property name="enableURLRewriting" value="true" />
        </session-properties>
    </session-config>

I did this too, but the problem was the same.

Can anybody explain this behavior or is this a bug?

Thanks in advance

Holger
[Message sent by forum member 'hbrade' (holger_at_hbrade.com)]

http://forums.java.net/jive/thread.jspa?messageID=368828