Uploaded image for project: 'Wicket'
  1. Wicket
  2. WICKET-6571

BaseWebSocketBehavior should check sessionId cookie name dynamically

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 8.0.0
    • Fix Version/s: 8.1.0
    • Labels:
      None

      Description

      When creating a WebSocket connection, Wicket tries to check if session id is tracked by URL or by cookies.

      The code is in the org.apache.wicket.protocol.ws.api.BaseWebSocketBehavior#getSessionId(Component component)

      It uses a hardcoded sessionId cookie name (JSESSIONID). So when an application uses a different sessionId cookie name, this code wrongly assumes there is no cookie with session id and appends session Id in the websocket connection URL.

      I think it should use to get session id cookie name

      servletContext.getSessionCookieConfig().getName()

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mgrigorov Martin Grigorov
                Reporter:
                jan-krakora Jan Krakora
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: