Uploaded image for project: 'MyCoRe'
  1. MCR-1108

MCRServlet3LoginServlet defines a new session cookie each time a website is loaded

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Highest
    • Resolution: Fixed
    • Affects Version/s: 2015.05.0
    • Fix Version/s: 2015.05.01, 2016.02
    • Component/s: mycore-base
    • Labels:
      None
    • Environment:

      Ubuntu Linux 14.04
      Firefox 42
      Java JDK 1.8.0_20
      Tomcat 8.0.28
      occurs probably independent of plattform and browser

      Description

      Replication:
      minimal mir LTS 2015.05 installation in Tomcat 8.0.28 Container (H2,solr as preconfigured),
      .mycore/mir/realm.xml contains the <realm id="servlet3>...</realm> as provided,
      apache-tomcat/conf/server.xml contains the following realm definition:
      <Realm className="org.apache.catalina.realm.JNDIRealm"
      connectionURL="ldaps://ldap.nds.uni-hamburg.de:636"
      userBase="o=uni-hamburg"
      userSubtree="true"
      userSearch="(&(objectClass=user)(cn=

      {0}

      )(groupMembership=cn=gwiss_mit,ou=Gruppen,o=UNI-HAMBURG))"
      commonRole="submitter">
      </Realm>
      nothing else is configured/adjusted
      After logging in with the respective servlet 3, each time a new site in the mir context is called a new SessionID is defined. Logging in with the "local" Servlet the Session ID stays the same over the entire session.

        Attachments

          Activity

            People

            • Assignee:
              yagee Thomas Scheffler
              Reporter:
              hagenp Hagen Peukert
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: