Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7148540

Applet altering value of ASP.NET_SessionId cookie in Java 6 Update 31

XMLWordPrintable

    • x86
    • windows_vista

      FULL PRODUCT VERSION :
      Java Plug-in 1.6.0_31
      JRE 1.6.0_31-b05 Java HotSpot(TM) Client VM

      ADDITIONAL OS VERSION INFORMATION :
      Microsoft Windows [Version 6.0.6002]

      EXTRA RELEVANT SYSTEM CONFIGURATION :
      Java Control Panel > Advanced > Java Plug-in:
      "Enable the next-generation Java Plug-in" is disabled

      A DESCRIPTION OF THE PROBLEM :
      After installing Java 6 Update 31, we found that the Browser Cookie behaviour (e.g. ASP.NET_SessionId) is changed when Next Generation Plug-in is disabled. While Java APPLET sends a HTTP-request to application server, browser cookie is dropped and doesn't send back to server.

      This kind of cookie is important in order to maintain session between browser and application server. If such information is dropped, embedded applet and web browser can't work in a common user session. User session is broken.

      A similar problem occurred with Java 6 Update 29, while in the Update 30 was resolved.



      REGRESSION. Last worked in version 6u29


      REPRODUCIBILITY :
      This bug can be reproduced always.

      CUSTOMER SUBMITTED WORKAROUND :
      The problem does not occur by enabling the next-generation Java Plug-in.
      This bug was reported as a result of the discussion in this forum thread:
      https://forums.oracle.com/forums/thread.jspa?forumID=937&threadID=2351353

            Unassigned Unassigned
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: