Uploaded image for project: 'Struts 1'
  1. Struts 1
  2. STR-2404

Session attribute disappear under SSL

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Incomplete
    • Affects Version/s: 1.2.4
    • Fix Version/s: None
    • Component/s: Core
    • Labels:
      None
    • Environment:
      Operating System: Windows 2000
      Platform: PC
    • Bugzilla Id:
      34071

      Description

      I have a page that should be accessed under SSL. The page also requires
      authentification and before forward to that page, user must login first.

      Since the custom RequestProcessor is responsible for all requests, in case that
      page requires authentification, some parameters have been set, including
      session attribute, keeping the URL of the page (e.g.
      https://localhost:8443/app/myPage.do). After setting, request and response
      objects are forwarded to the login action, using RequestDispatcher
      (dispatcher.forward(request, response)

      In the login action, when printing value from the session attribute, I have
      correct value.

      After login form is submitted (request processor is called and request is
      forwarded to the login action for further processing), after printing value
      from session attribute, the result is NULL.

      The same scenario works perfect for all non-secure URLs.

      Is there a problem with my request processor or the problem is with Struts?

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              nikola.radic@eurodyn.com Nikola
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: