4

Good afternoon, I come to request support here to try to understand a behavior that I have noticed in my application and that I cannot explain the reason why it happens.

Settings

I'm using Webshepere, version 9.0.0.11, in which a spring mvc application is running over HTTPS in a profile. This application performs the definition of values ​​in session (HttpSession), so that later, through the JSP, it is possible to obtain this data to be displayed in the browser. On the client side, through js, a connection is made via WebSocket. The WebSocket server is located in another WebShepere profile.

Unexpected behavior

Whenever the websocket connection is successfully performed, all session data is deleted. Only the data that was recorded after successful connection is kept.

Additional data

  • If the WebSocket Server is installed in the same profile, the reported behavior no longer occurs, and the application works as expected.
  • if the application uses HTTP, the behaviour isn't presente.
  • on wildfly server, even with HTTPS, the behaviour is as expected, that means that session data isn`t deleted.

Default configuration

  • Application Address: https://myappurl:9444/
  • webSocket Server address: wss://myappurl:9450/websocket
Francisco Perestrelo
  • 95
  • 7

1 Answers1

0

After tests carried out, it was found that as the connection to the websocket was made to another port on the same domain, an override of the cookies was being carried out, thus eliminating the session data.

The solution went through, in the webshere's profile where the websoket server is located, changing the parameterization of the cookie name in the session management, from the default (JSESSIONID) to (JSESSIONIDA).

Path: Application servers > server1 > Web container > Session management > Cookies

Francisco Perestrelo
  • 95
  • 7