-
Bug
-
Resolution: Cannot Reproduce
-
P3
-
7u6
-
x86
-
windows_7
Description of the error:
Users are being logged out of the website when accessing their Java Applets.
It seems the plugin is NOT sending browser cookies when fetching crossdomain.xml file,
but does for other requests.
This means that their Tomcat server sends a new session cookie to the plugin to be set
in the browser, overwriting the users current session cookie which results in the user
being logged out.
Full plugin console output is attached(7u6_regression.txt), but these are the
interesting lines. Note: Before starting Applet, client already have a valid and
different JSESSIONID cookie for server fi.gosupermodel.com:
cache: Resource http://fi.gosupermodel.com/crossdomain.xml has expired.
network: Connecting http://fi.gosupermodel.com/crossdomain.xml.pack.gz with proxy=DIRECT
...
network: Server http://fi.gosupermodel.com/crossdomain.xml.pack.gz requesting to set-cookie with "JSESSIONID=EF7BE60F6F2B1DB0C9DE459319D881FE; Path=/"
...
network: Connecting http://fi.gosupermodel.com/4/102.pl with cookie "JSESSIONID=EF7BE60F6F2B1DB0C9DE459319D881FE"
This is NOT happening with version 1.7.0_05.
Test program:
Java Applets are delivered from a CDN using JNLP file+JARs on the CDN (sdn.gosupermodel.com) and a crossdomain.xml on the main server (gosupermodel.tv2.dk in this example).
The Applet makes regular HTTP requests to the main server using:
HttpURLConnection c = (HttpURLConnection) url.openConnection();
c.setRequestMethod("POST");
c.setDoInput(true);
c.setDoOutput(true);
DataOutputStream os = new DataOutputStream(c.getOutputStream()); // Exception occurs here
You can run our Applet directly from this page: http://gosupermodel.tv2.dk/shopping/shop.jsp?shopid=1
Users are being logged out of the website when accessing their Java Applets.
It seems the plugin is NOT sending browser cookies when fetching crossdomain.xml file,
but does for other requests.
This means that their Tomcat server sends a new session cookie to the plugin to be set
in the browser, overwriting the users current session cookie which results in the user
being logged out.
Full plugin console output is attached(7u6_regression.txt), but these are the
interesting lines. Note: Before starting Applet, client already have a valid and
different JSESSIONID cookie for server fi.gosupermodel.com:
cache: Resource http://fi.gosupermodel.com/crossdomain.xml has expired.
network: Connecting http://fi.gosupermodel.com/crossdomain.xml.pack.gz with proxy=DIRECT
...
network: Server http://fi.gosupermodel.com/crossdomain.xml.pack.gz requesting to set-cookie with "JSESSIONID=EF7BE60F6F2B1DB0C9DE459319D881FE; Path=/"
...
network: Connecting http://fi.gosupermodel.com/4/102.pl with cookie "JSESSIONID=EF7BE60F6F2B1DB0C9DE459319D881FE"
This is NOT happening with version 1.7.0_05.
Test program:
Java Applets are delivered from a CDN using JNLP file+JARs on the CDN (sdn.gosupermodel.com) and a crossdomain.xml on the main server (gosupermodel.tv2.dk in this example).
The Applet makes regular HTTP requests to the main server using:
HttpURLConnection c = (HttpURLConnection) url.openConnection();
c.setRequestMethod("POST");
c.setDoInput(true);
c.setDoOutput(true);
DataOutputStream os = new DataOutputStream(c.getOutputStream()); // Exception occurs here
You can run our Applet directly from this page: http://gosupermodel.tv2.dk/shopping/shop.jsp?shopid=1
- duplicates
-
-
- Closed
-
-
-
- Closed
-