36983 – session problems with cross context webapps

Bug 36983 - session problems with cross context webapps

Summary: session problems with cross context webapps

Status:	RESOLVED INVALID

Alias:	None

Product:	Tomcat 5
Classification:	Unclassified
Component:	Catalina (show other bugs)
Version:	5.5.12
Hardware:	Other other

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Tomcat Developers Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-10-10 11:03 UTC by Mirek Hankus
Modified:	2006-10-08 14:00 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mirek Hankus 2005-10-10 11:03:30 UTC

I encountered a problem with sessions and cross context calls. Here is a scenario:

We have to webapps (webapp1 and webapp2). 
webapp1 is configured with cross contex set to true so it is able to dispatch to
webapp2. 
Now user access webapp1 and webapp2. Two sessions are created for both webapps. 

request.getSession in webapp1 returns session1 
request.getSession in webapp2 returns session2

Problem is during dispatching request from webapp1 to webapp2, because 
request.getSession in webapp2 does not return session2, but only for request
which is dispatched from webapp1. all the following request which are not cross
context again return session2, so session is not lost. 

Tomcat 5.0.x works fine when dispatching cross context requests (two separate
sessions are maintained for each webapp).

Comment 1 Mark Thomas 2006-10-08 14:00:35 UTC

5.5.x maintains two separate session objects although they do have the same ID.
I have also confirmed that session attributes are not visible across contexts.

I do not see anything in the current behaviour that goes against the
requirements of section SRV.7.3 of the servlet specification. I am therefore
closing this as INVALID.