Skip to Main Content
Forums

Java SE (Java Platform, Standard Edition)

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Applet altering value of JSESSIONID cookie in Java 6 Update 29

895541Oct 20 2011 — edited Nov 14 2011
After upgrading to Java 6 Update 29 (1.6.0_29) we started to encounter problems with users loosing their session in our web application once the user navigated to a page that contained an applet. The applet communicates with our server. We have traced the issue to a new value being set for the JSESSIONID cookie. This happens shortly after the applet loads. We also observed the same behavior when using the java.com website and its 'Verify Java Version' applet. (http://java.com/en/download/installed.jsp).

When using a previous version of Java (such as Update 22 or 27) we do NOT see this JSESSIONID altering issue. Downgrading the Java client version is our only known workaround.

Has anyone else experienced similar behavior since using update 29? Is this a new security feature or fix that was introduced in update 29?

We've also seen the following stack traces thrown in the client-side Java Console. Still trying to determine if they are more of a side effect or the root cause.

java.security.AccessControlException: access denied (com.sun.deploy.security.SecureCookiePermission origin.https://172.xxx.xxx.xxx:8443)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
.....

java.io.IOException: Not in GZIP format
at java.util.zip.GZIPInputStream.readHeader(Unknown Source)
at java.util.zip.GZIPInputStream.<init>(Unknown Source)
at java.util.zip.GZIPInputStream.<init>(Unknown Source)
....

Comments

if you're dealing with files, it does just that already

sorosch

Hmmm - what does you mean with that: 

thatJeffSmith-Oracle schrieb:
if you're dealing with files, it does just that already

Do you mean the query to save each tab when closing SQL Developer? So i have tiles of each tab - and that is very ugly.

i mean, any FILES you have open when you shut down sql developer, when you re-open the app, those files will be re-opened

sorosch

OK - that´s correct - when saving an open tab as a file then the FILE ist re-opened. But without saving the tab as a file this is not possible - or?

2693955

Yes, it does do this but does anyone know where the file/temp location of what has been open is located. The reason for the ask when I move to new computers or upgrading to a new version of SQL you lose those file tabs and a user has to take a screen pic to open them all over again and close the app to get whole again.

thanks Chris

SQL tabs.jpg

1 - 5
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Dec 12 2011
Added on Oct 20 2011
#access, #applet, #code, #control, #exception, #java, #java-applet-development, #security, #session, #update, #user
21 comments
4,850 views