1

Struggling with a bit of a mystery regarding a ghost like JESSIONID Cookie. I'm using JESSIONID to keep sessions between state changes in a AJAX based site. This works fine on a deployed server, but not when running the site on localhost using an external XML-based servlet.

Using HTTP Header tools I've been able to determine that the JSESID Cookie simply does not set:

localhost -> external: attempt login
external -> localhost: returns XML and correct Set-Cookie with JSESID
localhost -> external: sends next request with no JSESID Cookie (other cookies however, is > getting sent).

I've tried on several different computers (and browsers) and the result is the same. Weirdly however the solutions DOES work on mobile devices (PhoneGap + Android / iOs). Based on this I've also tried to run the site from file://, but with no luck.

Since the servlet already is deployed (Tomcat 6) there is unfortunately little / nothing I'm able to change on that end, but as far as I can gather it seems little likely that the problem is on that end. I've also attempted solution #1 as suggested in this thread. That does set a JSESID named cookie, but the content is getting filled with "gibberish".

function postDataToBean(formId, callbackFunc, callbackError)
{
    $.ajaxSetup ({  
        cache: false  
    });

    var_form_data = $("#" + formId).serialize();

    var request = $.ajax({
          url: getAppBackEndURL() + $("#" + formId).attr("action"),  
          type: "POST",
          data: var_form_data,
          dataType: "xml",
          contentType : "application/x-www-form-urlencoded"       
        });

    request.done(callbackFunc);
    request.fail(callbackError);
}
Community
  • 1
  • 1
Index
  • 2,351
  • 3
  • 33
  • 50
  • What does the entire Set-Cookie response look like from the server? What are the exact URLs you are attempting to access? – Christopher Schultz Jun 07 '12 at 15:14
  • I don't have access to the project at the moment, but off the top of my head I believe the response looked something like this: Set-Cookie: JSESSIONID=XXXXXXXXXXXXXXXXXXXXXXXXXXXX;PATH=/ The project is running at localhost, while the servlet / service I'm communicating with is at mydomain.com (I'll update with real URL asap). – Index Jun 07 '12 at 18:38
  • Please post the entire Set-Cookie when you've got it, including all parameters. – Christopher Schultz Jun 07 '12 at 18:51
  • Set-Cookie JSESSIONID=1234A1617578A14D9E6641BCDB68141; Path=/ As it appears in Wireshark. – Index Jun 08 '12 at 06:26
  • And you're sure that the hostname is the same each time? – Christopher Schultz Jun 09 '12 at 16:52

2 Answers2

0

Turns out it was a domain issue. Desktop browsers will only accept JSES Cookies if the domain that sets the cookie is the exact same as the one requesting it. Weirdly however this is not the case on mobile browsers such as Android Browser and Safari.

Index
  • 2,351
  • 3
  • 33
  • 50
0

I had the same problem and trying to resolve it periodically a few day. Searching and reading didn't give result.

Then i opened safari settings in iphone and cleared history, cookies data and removed website data. And surprise, everything is ok now. good luck

Evgeny Karpov
  • 2,386
  • 26
  • 16