[MGNLUI-4642] CLONE - Admincentral fails to start when JSESSIONID present in URI Created: 18/Sep/18  Updated: 27/Oct/18  Resolved: 23/Oct/18

Status: Closed
Project: Magnolia UI
Component/s: admincentral
Affects Version/s: None
Fix Version/s: 6.0

Type: Bug Priority: Neutral
Reporter: Mikaël Geljić Assignee: Mikaël Geljić
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: 0.5d
Time Spent: 0.5d
Original Estimate: Not Specified

Issue Links:
Cloners
clones MGNLUI-2291 Admincentral fails to start when JSES... Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:
Epic Link: Resurface theme
Sprint: Saigon 154, Saigon 155, Saigon 156
Story Points: 3

 Description   

Same cause same effects as MGNLUI-2291 in Magnolia 5.0; I'd like to revisit this now for the 6.0 admincentral. In particular, Vaadin won't work without cookies anyway, so we could consider disabling the URL tracking method on servlet side—and or amend the login redirect and make the assumption there to skip the rewrite.

I'll time-box that or revive Tobias's fix if it doesn't prove successful.

Cloned description:

Vaadin requires cookies to work and does not expect JSESSIONID to be present in the URI. When it is things break.

We used to have a problem where logging in would result in a 404, this was fixed in MAGNOLIA-5382 and the request is now correctly routed to the servlet.

This exposes another problem, a problem this ticket fixes.

Vaadin fails to start showing an alert about it being unable to load vaadinBootstrap.js. This error message is used irregardless of which resource it fails to load. In our case its actually resources set using @JavaScript and @StyleSheet. The reason is that the client appends the resource name to location.href. Location.href contains the JSESSIONID so the URI ends up being /.magnolia/admincentral;JSESSIONID=123/APP/PUBLISHED/...

The client will only use location.href if a 'serviceUrl' has not been sent from the server. It is normally not sent. By modifying AdmincentralVaadinServlet to include a serviceUrl this problem goes away.



 Comments   
Comment by Hieu Nguyen Duc [ 25/Oct/18 ]

Verified on bundle "magnolia-community-demo-bundle-6.0-20181024.140436-209-tomcat-bundle.zip", URIs with sessionID are 302-redirected to URIs without sessionID.

Generated at Mon Feb 12 09:18:39 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.