Axis
  1. Axis
  2. AXIS-1059

Cookies management broken in HTTP transport

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Resolution: Fixed
    • Affects Version/s: 1.1
    • Fix Version/s: None
    • Component/s: Basic Architecture
    • Labels:
      None
    • Environment:
      Operating System: Other
      Platform: All

      Description

      HTTPSender is designed to handle only one "set-cookie" header and therefore,
      when a server sends more than one cookie ( which is common ), only the last one
      is remembered.
      I'm attaching a small patch that fixes this issue ( but more work would be
      nedded to properly handle cookies , see TODO tags ).

      — axis-1_1/src/org/apache/axis/transport/http/HTTPSender.java 2003-09-11
      17:36:50.000000000 +0200
      +++ test/org/apache/axis/transport/http/HTTPSender.java 2003-09-11
      18:25:47.000000000 +0200
      @@ -78,6 +78,7 @@
      import java.net.Socket;^M
      import java.net.URL;^M
      import java.util.Hashtable;^M
      +import java.util.Vector;^M
      ^M
      /**^M

      • This is meant to be used on a SOAP Client to call a SOAP server.^M
        @@ -88,7 +89,8 @@
        public class HTTPSender extends BasicHandler {^M
        ^M
        protected static Log log = LogFactory.getLog(HTTPSender.class.getName());^M
        -^M
        + protected static final String
        HTTP_SET_COOKIE_HEADER_LC=HTTPConstants.HEADER_SET_COOKIE.toLowerCase();^M
        + ^M
        /**^M
      • invoke creates a socket connection, sends the request SOAP message and
        then^M
      • reads the response SOAP message back from the SOAP server^M
        @@ -220,12 +222,23 @@
        // don't forget the cookies!^M
        // mmm... cookies^M
        if (msgContext.getMaintainSession()) {^M
      • String cookie = msgContext.getStrProp(HTTPConstants.HEADER_COOKIE);^M
        + Vector cookies =
        (Vector)msgContext.getProperty(HTTPConstants.HEADER_COOKIE);^M
        String cookie2 = msgContext.getStrProp(HTTPConstants.HEADER_COOKIE2);^M
        -^M
      • if (cookie != null) {^M
      • otherHeaders.append(HTTPConstants.HEADER_COOKIE).append(": ")^M
        + String cookie;^M
        + ^M
        + if (cookies != null) ^M
        + {^M
        + //Process all cookies. Add one Cookie Header per cookie.^M
        + for (int i=0; i<cookies.size(); i++)^M
        + {^M
        + /**^M
        + * TODO : we should send only cookies that have not
        expired^M
        + * and that are matching the current URI.^M
        + */^M
        + cookie=(String)cookies.elementAt; ^M
        +
        otherHeaders.append(HTTPConstants.HEADER_COOKIE).append(": ")^M
        .append(cookie).append("\r\n");^M
        + }^M
        }^M
        if (cookie2 != null) {^M
        otherHeaders.append(HTTPConstants.HEADER_COOKIE2).append(": ")^M
        @@ -566,8 +579,23 @@
        msgContext.setProperty(HTTPConstants.MC_HTTP_STATUS_MESSAGE,^M
        name.substring(start + end + 1));^M
        } else {^M
      • headers.put(name.toLowerCase(), value);^M
      • System.out.println("Got Header : "name"="+value);^M
        + name=name.toLowerCase();^M
        + //Check for Set-Cookie special case^M
        + if (name.equals(HTTP_SET_COOKIE_HEADER_LC))^M
        + {^M
        + //An HTTP response can contain multiple
        Set-Cookie headers,^M
        + //Make sure we preserve all of them^M
        + Vector
        cookies=(Vector)headers.get(HTTP_SET_COOKIE_HEADER_LC);^M
        + if (cookies==null)^M
        + {^M
        + cookies=new Vector();^M
        + headers.put(HTTP_SET_COOKIE_HEADER_LC,
        cookies);^M
        + }^M
        + cookies.add(value);^M
        + log.debug("Retrieved Cookie :
        "+value);^M
        + }^M
        + else^M
        + headers.put(name, value); ^M
        }^M
        len = 0;^M
        }^M
        @@ -699,17 +727,24 @@
        Hashtable headers, MessageContext msgContext) {^M
        ^M
        if (headers.containsKey(setCookieName.toLowerCase())) {^M
      • String cookie = (String) headers.get(setCookieName.toLowerCase());^M
      • System.out.println("HandleCookie "+cookie);^M
      • cookie = cookie.trim();^M
        -^M
      • // chop after first ; a la Apache SOAP (see HTTPUtils.java there)^M
      • int index = cookie.indexOf(';');^M
        -^M
      • if (index != -1) {^M
      • cookie = cookie.substring(0, index);^M
      • }^M
      • msgContext.setProperty(cookieName, cookie);^M
        + Vector cookies = (Vector) headers.get(setCookieName.toLowerCase());^M
        + ^M
        + for (int i=0; i<cookies.size(); i++)^M
        + {^M
        + String cookie = ((String)cookies.elementAt).trim();
        ^M
        + // chop after first ; a la Apache SOAP (see HTTPUtils.java there)^M
        + int index = cookie.indexOf(';');^M
        + if (index != -1) ^M
        + {^M
        + /** ^M
        + * TODO: improve processing. ^M
        + * We should also keep track of the path, expiration
        date and secure flags.^M
        + */^M
        + cookie = cookie.substring(0, index);^M
        + cookies.set(i, cookie);^M
        + } ^M
        + }^M
        + msgContext.setProperty(cookieName, cookies);^M
        }^M
        }^M
        }^M
          • axis-1_1/src/org/apache/axis/transport/http/HTTPTransport.java
            2003-06-13 16:46:48.000000000 +0200
            +++ test/org/apache/axis/transport/http/HTTPTransport.java 2003-09-11
            18:07:24.000000000 +0200
            @@ -55,6 +55,8 @@
            ^M
            package org.apache.axis.transport.http;^M
            ^M
            +import java.util.Vector;^M
            +^M
            import org.apache.axis.AxisEngine;^M
            import org.apache.axis.AxisFault;^M
            import org.apache.axis.MessageContext;^M
            @@ -80,7 +82,7 @@
            */^M
            public static final String URL = MessageContext.TRANS_URL;^M
            ^M
      • private String cookie;^M
        + private Vector cookies;^M
        private String cookie2;^M
        private String action;^M
        ^M
        @@ -116,8 +118,8 @@
        }^M
        ^M
        // Set up any cookies we know about^M
      • if (cookie != null)^M
      • mc.setProperty(HTTPConstants.HEADER_COOKIE, cookie);^M
        + if (cookies!= null)^M
        + mc.setProperty(HTTPConstants.HEADER_COOKIE, cookies);^M
        if (cookie2 != null)^M
        mc.setProperty(HTTPConstants.HEADER_COOKIE2, cookie2);^M
        ^M
        @@ -130,7 +132,7 @@
        }^M
        ^M
        public void processReturnedMessageContext(MessageContext context) {^M
      • cookie = context.getStrProp(HTTPConstants.HEADER_COOKIE);^M
        + cookies = (Vector)context.getProperty(HTTPConstants.HEADER_COOKIE);^M
        cookie2 = context.getStrProp(HTTPConstants.HEADER_COOKIE2);^M
        }^M
        }^M

        Issue Links

          Activity

          Charles-Edouard Ruault created issue -
          Hide
          Charles-Edouard Ruault added a comment -

          Created an attachment (id=8159)
          Patch allowing to handle multiple cookies

          Show
          Charles-Edouard Ruault added a comment - Created an attachment (id=8159) Patch allowing to handle multiple cookies
          Hide
          Davanum Srinivas added a comment -
              • This bug has been marked as a duplicate of 20294 ***
          Show
          Davanum Srinivas added a comment - This bug has been marked as a duplicate of 20294 ***
          Serge Knystautas made changes -
          Field Original Value New Value
          issue.field.bugzillaimportkey 23111 15000
          Davanum Srinivas made changes -
          Link This issue is depended upon by AXIS-895 [ AXIS-895 ]
          Hide
          Davanum Srinivas added a comment -

          reopen

          Show
          Davanum Srinivas added a comment - reopen
          Davanum Srinivas made changes -
          Resolution Duplicate [ 3 ]
          Status Resolved [ 5 ] Reopened [ 4 ]
          Assignee Axis Developers Mailing List [ axis-dev@ws.apache.org ]
          Hide
          Davanum Srinivas added a comment -

          Fixed. Please try latest CVS.

          – dims

          Show
          Davanum Srinivas added a comment - Fixed. Please try latest CVS. – dims
          Davanum Srinivas made changes -
          Resolution Fixed [ 1 ]
          Status Reopened [ 4 ] Resolved [ 5 ]
          Mark Thomas made changes -
          Workflow jira [ 24995 ] Default workflow, editable Closed status [ 12554215 ]
          Mark Thomas made changes -
          Workflow Default workflow, editable Closed status [ 12554215 ] jira [ 12576851 ]
          Transition Time In Source Status Execution Times Last Executer Last Execution Date
          Resolved Resolved Reopened Reopened
          212d 15h 32m 1 Davanum Srinivas 11/Apr/04 16:13
          Reopened Reopened Resolved Resolved
          374d 16h 7m 1 Davanum Srinivas 21/Apr/05 08:21

            People

            • Assignee:
              Unassigned
              Reporter:
              Charles-Edouard Ruault
            • Votes:
              3 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development