[MAGNOLIA-4911] Sticky "jsessionid" URL parameter causes 404 right after login Created: 04/Mar/13 Updated: 02/Sep/14 Resolved: 27/Jun/13 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 5.0 |
| Type: | Bug | Priority: | Blocker |
| Reporter: | Andreas Weder | Assignee: | Daniel Lipp |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | alpha3 | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Device: Firefox 19.0, Mac OS X 10.8.2 |
||
| Attachments: |
|
||||||||||||||||||||||||
| Issue Links: |
|
||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||||||
| Description |
|
Sometimes, if you log-in, you'll get a 404-page not found. In my quick tests, it especially happens, when you close a browser and start it again, then log into Magnolia. In order to reproduce: |
| Comments |
| Comment by Andreas Weder [ 04/Mar/13 ] |
|
Marking this as blocker, as it leads to a very nasty demo effect. |
| Comment by Andreas Weder [ 04/Mar/13 ] |
|
Attached a screen shot showing this not so convincing feature. |
| Comment by Daniel Lipp [ 04/Mar/13 ] |
|
Looks like it's something to be configured: http://fralef.org/tomcat-disable-jsessionid-in-url.html |
| Comment by Andreas Weder [ 05/Mar/13 ] |
|
Adding reference to a website explaining the background behind why this URL parameter is added, under what condition this happens and how you can change that in TC 6 and 7 |
| Comment by Andreas Weder [ 05/Mar/13 ] |
|
I can confirm the the server-config setting, suggested on the web page linked to this issue, works and the error remains reproducible. Use the setting, it doesn't show up, remove it again, it shows up again if you follow the steps mentioned here. So far, this only happened if I explicitly used http://localhost:8080/magnolia and not when I used e.g. http://localhost:8080/magnoliaAuthor/.magnolia/admincentral (linked on the "welcome screen" available on http://localhost:8080) or http://localhost:8080/magnoliaAuthor/.magnolia/admincentral#shell:applauncher:; (shown in the Apps screen after login). |
| Comment by Daniel Lipp [ 20/Mar/13 ] |
|
See http://git.magnolia-cms.com/gitweb?p=ce-bundle.git;a=commitdiff;h=936ceae95ce58fcb2b896e3a39bd849a72b9e4f0 - I had used the old & wrong issue no |
| Comment by Daniel Lipp [ 27/Jun/13 ] |
|
reopening to be able to set proper resolution |
| Comment by Daniel Lipp [ 27/Jun/13 ] |
|
had been fixed and reviewed long time ago - now just set proper resolution |
| Comment by Tobias Mattsson [ 03/Oct/13 ] |
|
The real problem is in info.magnolia.cms.filters.Mapping#findMatcher where it matches using the uri taken either from AggregationState or HttpServletRequest.getRequestURI(). Both contains the path parameter JSESSIONID and should be ignored but isn't. It could be argued that it should have been stripped already in ContentTypeFilter where the aggregation state is populated. See also |
| Comment by Lars Fischer [ 02/Sep/14 ] |
|
The link seems to have changed |