Problem with external configuration from Websphere
42 views
Skip to first unread message
Lubomir Arnold
Oct 28, 2024, 1:33:17 PMOct 28
to Orbeon Forms
Hello,
We are trying to configure orbeon forms solution on multiple nodes (application servers) in Websphere (WAS) java app server. Because of session in WAS in the jsessionid property is composed from prefix+sessionid+suffix, we need to configure suffix on each node separately (prefix is the same on all nodes). Our solution is to have own oxf.properties definition on each node. We have tried to use WebContainer custom properties and also JVM custom properties to define this param but without success. It seems that its ignored by servlet and these defined parameters are not passed to the web.xml as context parameter. We have tried this solution also on tomEE app server and there it's working correctly. Do you have a idea what can be a problem?
We have also tried to solution with special parameter what define property name suffix in web.xml of orbeon app like:
<context-param>
<param-name>oxf.properties</param-name>
<param-value>oxf:/config/properties-${orbeon_config_name}.xml</param-value>
</context-param>
but also without success. On orbeon app load we see param value with placeholder so it seems that also ignored.
Is our idea correct or do you have any solution what can forward orignal jsessionid without split + merge with prefix and suffix?
Thank you
We are trying to configure orbeon forms solution on multiple nodes (application servers) in Websphere (WAS) java app server. Because of session in WAS in the jsessionid property is composed from prefix+sessionid+suffix, we need to configure suffix on each node separately (prefix is the same on all nodes). Our solution is to have own oxf.properties definition on each node. We have tried to use WebContainer custom properties and also JVM custom properties to define this param but without success. It seems that its ignored by servlet and these defined parameters are not passed to the web.xml as context parameter. We have tried this solution also on tomEE app server and there it's working correctly. Do you have a idea what can be a problem?
We have also tried to solution with special parameter what define property name suffix in web.xml of orbeon app like:
<context-param>
<param-name>oxf.properties</param-name>
<param-value>oxf:/config/properties-${orbeon_config_name}.xml</param-value>
</context-param>
but also without success. On orbeon app load we see param value with placeholder so it seems that also ignored.
Is our idea correct or do you have any solution what can forward orignal jsessionid without split + merge with prefix and suffix?
Thank you
Alessandro Vernet
Oct 28, 2024, 11:09:46 PMOct 28
to orb...@googlegroups.com
Hi Lubomir,
What configuration settings would you like to set in `properties-local.xml` for each node? The `JSESSIONID` value is generated by the application server, not by Orbeon Forms.
-Alex
What configuration settings would you like to set in `properties-local.xml` for each node? The `JSESSIONID` value is generated by the application server, not by Orbeon Forms.
-Alex
Lubomir Arnold
Oct 29, 2024, 11:08:43 AMOct 29
to Orbeon Forms
Hi,
I know. We have to set prefix and suffix for cookies forwarding:
<property
as="xs:string"
name="oxf.http.forward-cookies.session.prefix"
value="0000"/>
<property
as="xs:string"
name="oxf.http.forward-cookies.session.suffix"
value=":someSuffixValue"/>
as="xs:string"
name="oxf.http.forward-cookies.session.prefix"
value="0000"/>
<property
as="xs:string"
name="oxf.http.forward-cookies.session.suffix"
value=":someSuffixValue"/>
The problem is that someSuffixValue is different for each web application (WAS node), so it has to be with different value.
I also not sure, why is this needed? Why orbeon just don't forward original cookies without this separation to prefix+sessionid+suffix?
Lubo
Dátum: utorok 29. októbra 2024, čas: 4:09:46 UTC+1, odosielateľ: ave...@orbeon.com
Alessandro Vernet
Oct 30, 2024, 1:52:54 AMOct 30
to orb...@googlegroups.com
Hi Lubo,
You probably don't need to worry about this. The following information should help explain its purpose:
When a server doesn't require authentication and a browser previously accessed the site with a session that has since expired, an issue can arise. If you make a request to the server, and the form attempts to call a service using the `JSESSIONID`, it may use an outdated value. The correct `JSESSIONID` will be set by the server in its response. To handle this, Orbeon Forms implements a heuristic to determine what the new `JSESSIONID` will be.
This situation is uncommon because typically the request to Orbeon Forms isn't the first one the browser makes. By the time a request reaches Orbeon Forms, the browser usually already has a current `JSESSIONID`. Does this explanation help clarify the issue?
-Alex
You probably don't need to worry about this. The following information should help explain its purpose:
The first cookie in the list, typically `JSESSIONID`, is interpreted by Orbeon Forms to be the session cookie. If the value of the session cookie doesn't match the current session, say because the provided `JSESSIONID` has expired or is invalid, then the value of the cookie from the incoming request isn't forwarded.
This situation is uncommon because typically the request to Orbeon Forms isn't the first one the browser makes. By the time a request reaches Orbeon Forms, the browser usually already has a current `JSESSIONID`. Does this explanation help clarify the issue?
-Alex
Alessandro Vernet
Nov 5, 2024, 11:42:46 AMNov 5
to orb...@googlegroups.com
Hi Lubo,
Did you successfully configure WebSphere without setting `oxf.http.forward-cookies.session.prefix` or `oxf.http.forward-cookies.session.suffix`?
-Alex
Did you successfully configure WebSphere without setting `oxf.http.forward-cookies.session.prefix` or `oxf.http.forward-cookies.session.suffix`?
-Alex
Reply all
Reply to author
Forward
0 new messages