Re: Cookie path and domain issue...

[Abraham Lin]

The path rewriting should be done by the proxy, not by your code. What are you using as the proxy?

-Abraham

[Michael Joyner]

On Mon, Oct 22, 2012 at 3:05 PM, Abraham Lin <atomknig...@gmail.com> wrote:

The path rewriting should be done by the proxy, not by your code. What are you using as the proxy?

I am using the following in my apache config:

       <Location /PubzMeAPI-TEST/>
                ProxyPass ajp://localhost:8009/dev-PubzMeAPI-TEST/
        </Location>

I do need to change the cookies to match based on the hostname + path being requested, as the same servlet will have multiple hostnames/paths it can be accessed by.

At this moment I am leaning towards trying to insert manual cookies sets in @override for "processCall", as I can't seem to find a way to set this dynamically on a per request basis. :(
 

-Abraham

--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.

To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/ZrFfNsFcEDwJ.

To post to this group, send email to google-we...@googlegroups.com.
To unsubscribe from this group, send email to google-web-tool...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.

[Abraham Lin]

Use the ProxyPassReverseCookieDomain and ProxyPassReverseCookiePath directives in your httpd config. Depending on how your virtual hosts are configured, you may want to make use of the environment variable interpolation.

-Abraham

[Michael Joyner]

On Monday, October 22, 2012 4:07:52 PM UTC-4, Abraham Lin wrote:

Use the ProxyPassReverseCookieDomain and ProxyPassReverseCookiePath directives in your httpd config. Depending on how your virtual hosts are configured, you may want to make use of the environment variable interpolation.

Is there any reason these values cannot be set in the gwt RPC servlet? I can set these in the a 'standard' servlet using the previously referenced code, and I am at a loss as to why I can't set them for a GWT servlet also...
 

-Abraham

[Michael Joyner]

I injected a hackish fix. As this servlet is being deployed in multiple contexts, counting on the proxy stuff being set correctly is problematic. I prefer not counting on myself or other humans in making sure said proxy configs are set correctly everywhere.

Here is my hackish fix for those curious:


/* (non-Javadoc)
     * @see com.google.gwt.user.server.rpc.RemoteServiceServlet#processCall(java.lang.String)
     */
    @Override
    public String processCall(String payload) throws SerializationException {
        fixSessionCookie();   
        return super.processCall(payload);
    }

private void fixSessionCookie(){
        String sessionId="";
       
        sessionId=getThreadLocalRequest().getSession(true).getId();
        Cookie sessionCookie=new Cookie("JSESSIONID", sessionId);
        sessionCookie.setComment("API Session Tracking Cookie");
        sessionCookie.setDomain(getThreadLocalRequest().getServerName());
        sessionCookie.setPath("/");
        sessionCookie.setSecure(false);
        sessionCookie.setValue(sessionId);
        sessionCookie.setMaxAge(-1);
       
        System.err.println("session id: "+sessionCookie.getValue());
       
        getThreadLocalResponse().addCookie(sessionCookie);       
    }