[WICKET-6360] WebSocket fails when url-based jsessionid is used - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 8.0.0-M5
Fix Version/s: 8.0.0-M6
Component/s: wicket-native-websocket
Labels:
None

Description

When the session id is passed in the URL (versus in a cookie), the GET request to establish the websocket does not include the jsessionid parameter.

The following snippet comes from the NGINX access.log:

198.27.205.33 - - [18/Apr/2017:16:24:46 +0000] "GET /quantumcamp/enrollment;jsessionid=10553zpxeq9lww6iq1qekcl17owsj195.10553?3 HTTP/1.1" 200 11818 "https://www.classprep.net/quantum
camp/signin;jsessionid=10553zpxeq9lww6iq1qekcl17owsj195.10553?1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/5
37.36" "-"
198.27.205.33 - - [18/Apr/2017:16:24:46 +0000] "GET /wicket/websocket?pageId=3&wicket-ajax-baseurl=quantumcamp%2Fenrollment%3F3&wicket-app-name=wicket.classprep HTTP/1.1" 101 0 "-" "
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36" "-"

Note the jsessionid in the initial request is not included in the websocket request.

This manifests itself an the NPE:

2017-04-18 16:51:45,028 - WARN - WebSocketSession -
java.lang.NullPointerException
at org.apache.wicket.protocol.ws.api.AbstractWebSocketProcessor.<init>(AbstractWebSocketProcessor.java:104)

This is easily reproduced. Just disable cookies in your web browser.

Attachments

Issue Links

links to

Discussion about the behavior in Jetty 9.4.x

Activity

People

Assignee:: Martin Tzvetanov Grigorov

Reporter:: Don Ferguson

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 18/Apr/17 17:22

Updated:: 28/Apr/17 19:36

Resolved:: 28/Apr/17 18:44