[Bug 62988] New: LoadBalancerDrainingValve only works with uncommon webapp configuration

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug 62988] New: LoadBalancerDrainingValve only works with uncommon webapp configuration

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=62988

            Bug ID: 62988
           Summary: LoadBalancerDrainingValve only works with uncommon
                    webapp configuration
           Product: Tomcat 9
           Version: 9.0.13
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: [hidden email]
          Reporter: [hidden email]
  Target Milestone: -----

Created attachment 36298
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36298&action=edit
Patch for LoadBalancerDrainingValve (see bug description)

After configuring LoadBalancerDrainingValve in order to force redirects when
mod_jk would route to a DISABLED node we encountered the following bugs:

1)
NullPointerException when the

<session-config>
  <cookie-config>
    <name>JSESSIONID</name>
  </cookie-config>
</session-config>

<name> element would not be present in web.xml. It cannot be expected and is in
fact highly unlikely that web applications override the default value
"JSESSIONID" in this element.

2)
The removal of a session cookie before redirection does only work when the
Context attribute sessionCookiePathUsesTrailingSlash has been set to true,
which is also a rather uncommon configuration setting. Failing to remove the
session cookie leads to redirection loop. The bug results from the fact that
the respective code block is wrongly parenthesized, and can easily be fixed by
moving the code block out of the surrounding if statement.

3)
Determination of the session cookie path is incomplete.

I added a patch (trunk) with fixes for these bugs, which also addresses the
following minor issues:

- Remove obsolete get methods for configuration parameters
- Remove Javadoc which states that a request parameter will be added to
redirect URIs, which is not the case
- Add missing parentheses

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 62988] LoadBalancerDrainingValve only works with uncommon webapp configuration

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=62988

Mark Thomas <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #1 from Mark Thomas <[hidden email]> ---
Thanks for the report and the patch.

Working my way through the patch I agree with nearly all of these changes with
a couple of minor observations
- The getters are not obsolete. They are used by JMX so they need to stay
- I did the necessary refactoring to remove the code duplication.

Fixed in:
- trunk for 9.0.14 onwards
- 8.5.x for 8.5.36 onwards

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]