From: Jean-Baptiste R. <jb...@al...> - 2006-01-30 23:29:14
|
Hi, We are using Jetty with IIS using the AJP connector and we are running into a simple problem. We use JAAS for authentication and if the browser does not support cookies (or for the first request), the url is modified to include the session details. The url changes from http://something/some/path.html to http://something/some/path.html;jsessionid=myid. In this case, using IIS and Jetty always returns a 404 error. So we decided to track down the problem having a look at the Jetty source code and found that Jetty does not strip the jsessionid part from the url. We think that this problem is due to the class AJP13Connection, and especially around the line 194. The line reads: String path=packet.getString(); request.setPath(URI.encodePath(path)); This means that in the example above, the path for the request will be /some/path.html%3Bjsessionid=my.id (the semi-colon is URL-encoded) and therefore the jsessionid parameter cannot be detected further on. And anyway, it doesn't seem to me like this path should be the encoded. Now, looking at the CVS on sourceforge, you can see that the latest version of this class (1.34) differs from the previous version (1.33) with this only change, and the log comment is "AJP path encoding fix". Sounds like something went wrong here... Let us know if this makes sense, and if we're on the wrong track. Thanks, Jean-Baptiste REURE |