Discussions
Categories
- 384.6K All Categories
- 2.5K Data
- 556 Big Data Appliance
- 1.9K Data Science
- 451.4K Databases
- 222.1K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 32 Multilingual Engine
- 564 MySQL Community Space
- 479 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3.1K ORDS, SODA & JSON in the Database
- 561 SQLcl
- 4K SQL Developer Data Modeler
- 187.5K SQL & PL/SQL
- 21.4K SQL Developer
- 296.9K Development
- 1 Application Development
- 18 Developer Projects
- 140 Programming Languages
- 293.6K Development Tools
- 112 DevOps
- 3.1K QA/Testing
- 646.2K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 194 Java Community Process
- 106 Java 25
- 22.1K Java APIs
- 138.2K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 21 Java Essentials
- 167 Java 8 Questions
- 86K Java Programming
- 81 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 206 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 538 LiveLabs
- 39 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 178 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 236 Portuguese
Cookie.setVersion(1) changes Path
679863
Member Posts: 52
Hi all,
I'm wondering if anyone know what effect setVersion(1) may have on the Path of a cookie.
I'm running into an issue with the Shibboleth IDP jars and the cookies it creates. I'm starting to think the issue may be related to cookie version.
Basically the Path seems to change from what is set to what actually shows up in the browser cookies after I view the cookie.
I'm using tamper data in fire fox and see the path of my cookie is "/idp1"
But after the cookie is created it shows up with path "/idp1/profile/SAML2/Redirect/"
The code that creates the cookie in Shibolleth jar looks fine:
But when I look at how they are written out the version 1 cookie has an additional / added...
Version 0 has path of "/idp1"
Version 1 has path of "/idp1/"
I'm running in Websphere 7.
Edited by: avalanche333 on Oct 6, 2011 11:54 AM
I'm wondering if anyone know what effect setVersion(1) may have on the Path of a cookie.
I'm running into an issue with the Shibboleth IDP jars and the cookies it creates. I'm starting to think the issue may be related to cookie version.
Basically the Path seems to change from what is set to what actually shows up in the browser cookies after I view the cookie.
I'm using tamper data in fire fox and see the path of my cookie is "/idp1"
But after the cookie is created it shows up with path "/idp1/profile/SAML2/Redirect/"
The code that creates the cookie in Shibolleth jar looks fine:
Cookie contextKeyCookie = new Cookie(LOGIN_CTX_KEY_NAME, contextKey);
contextKeyCookie.setVersion(1);
if (cookieDomain != null) {
contextKeyCookie.setDomain(cookieDomain);
}
contextKeyCookie.setPath("".equals(httpRequest.getContextPath()) ? "/" : httpRequest.getContextPath());
contextKeyCookie.setSecure(httpRequest.isSecure());
httpResponse.addCookie(contextKeyCookie);So what I did is created 2 cookies in my application, both are identical aside from the version. One uses 0 the other 1 Cookie contextKeyCookie = new Cookie("cookie_name_V1", "cookie_value");
contextKeyCookie.setVersion(1);
contextKeyCookie.setPath("".equals(request.getContextPath()) ? "/" : request.getContextPath());
contextKeyCookie.setSecure(true);
response.addCookie(contextKeyCookie);
Cookie contextKeyCookie2 = new Cookie("cookie_name_V0", "cookie_value");
contextKeyCookie2.setVersion(0);
contextKeyCookie2.setPath("".equals(request.getContextPath()) ? "/" : request.getContextPath());
contextKeyCookie2.setSecure(true);
response.addCookie(contextKeyCookie2);Tamper data again shows the correct path for both of the cookies... both are "/idp1"But when I look at how they are written out the version 1 cookie has an additional / added...
Version 0 has path of "/idp1"
Version 1 has path of "/idp1/"
I'm running in Websphere 7.
Edited by: avalanche333 on Oct 6, 2011 11:54 AM
This discussion has been closed.