Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] Session Cookie question

Hi all,

We use embedded Jetty within our application, and we are trying to understand the conditions
under which Jetty returns the secure/httpOnly cookie attributes back to the client. I have the following
flows captured using the Fiddler, first, the Secure/HttpOnly attribute is not being returned all the time
with responses to the client.  Also, in the response to the  GET request, the JSESSIONID=3zynssqhqzej
was not returned back to the client instead path=/MPSDashboard/faces was returned.  I would appreciate
it if someone could shade some light as to what is going on.

Thanks,

Ike


HTTP/1.1 302 Found
X-Frame-Options: SAMEORIGIN
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=3zynssqhqzej;Path=/MPSDashboard;Secure;HttpOnly
Location: https://localhost:7777/MPSDashboard/faces/configuration.jsp
Content-Length: 0
Server: Jetty(7.0.1.v20091125)

GET https://localhost:7777/MPSPDashboard/faces/configuration.jsp HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/x-shockwave-flash, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*
Referer: https://localhost:7777/MPsDashboard/faces/logon.jsp
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.2; .NET4.0E; BOIE9;ENUS)
Accept-Encoding: gzip, deflate
Host: localhost:7777
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: form1:configTreeInner-expand=null; form1:configTreeInner-hi=form1:configTreeInner:policies:NODE_0; JSESSIONID=3zynssqhqzej

HTTP/1.1 200 OK
X-Frame-Options: SAMEORIGIN
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Server: Jetty(7.0.1.v20091125)
Cookie: form1:configTreeInner-expand=null; form1:configTreeInner-hi=form1:configTreeInner:policies:NODE_0; path=/MPSDashboard/faces


Back to the top