Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to match jsessionid from URL ? #232

Open
mevb opened this issue Oct 11, 2018 · 4 comments
Open

How to match jsessionid from URL ? #232

mevb opened this issue Oct 11, 2018 · 4 comments

Comments

@mevb
Copy link

mevb commented Oct 11, 2018

Hi Paul, hi people,

First of all big thanx for URLRewriteFilter... ...you really saved my time (my ass too) !

I use it from many years without any problem.

But now I am unable to achieve a rule to match requests URLs with a path part containing ";jsessionid=whatever".

I tried some test rules as :
<rule> <from>^(.*)(?:\;jsessionid=[A-Za-z0-9]+)(.*)$</from> <to>null</to> </rule>
and
<rule> <from>^(.*);jsessionid=[A-Za-z0-9]+)(.*)$</from> <to>null</to> </rule>

, but it never works :(

Im my web app request log I can see the jsessionid as :

HTTPS [serverIP] ([remoteHost]) [11/Oct/2018:17:28:41 +0100] ([userAgent]) "www.mydomain.com:443 GET /somepage.jsp;jsessionid=ABCDEFGHIJKL?lan=en HTTP/1.1" 3230 [200]

Am I missing something ?

I am using urlrewritefilter-4.0.3.jar with an oc4j servlet container. My webapp is compiled with jdk1.6.0_45 (for compatibility reasons) and running under jdk1.8.0_144.
The webapp config has session cookies enabled as :

...
<session-tracking 
		autoencode-absolute-urls="true"
		autoencode-urls="true"
		autojoin-session="false"
		cookies="enabled" />
...

I am stucked in and I will really appreciate some help,

Cordially,

Manuel
@gasttor
Copy link

gasttor commented Oct 11, 2018

Hi Manuel,

I tested your rule with version 4.0.3 und 5.0.0 on a tomcat8 and it works just fine for me. So IMO it could be a problem with your container-setup.

Have you tried to set the loglevel of class org.tuckey.web.filters.urlrewrite.RuleBase to DEBUG. Then you could find out, which exact URL is handled by the rule.

Regards

Thorsten

@mevb
Copy link
Author

mevb commented Oct 11, 2018
edited
Loading

Hi Thorsten,

Thank you for your opinion.

Yes, I've tried logLevel sysout:DEBUG and no more infos about processed URLs.

For test request :

/somepage.jsp;jsessionid=ABCDEFGHIJKL?lan=en

and rule (the only one!) :

<rule> <from>^(.*);jsessionid=[A-Za-z0-9]+)(.*)$</from> <to>null</to> </rule>

I see URLRewriteFileter log as :

org.tuckey.web.filters.urlrewrite.UrlRewriteFilter DEBUG: starting conf reload check
org.tuckey.web.filters.urlrewrite.UrlRewriteFilter INFO: conf file modified since last load, reloading
org.tuckey.web.filters.urlrewrite.Conf DEBUG: XML builder factory is: org.apache.crimson.jaxp.DocumentBuilderFactoryImpl
org.tuckey.web.filters.urlrewrite.Conf DEBUG: XML Parser: org.apache.crimson.jaxp.DocumentBuilderImpl
org.tuckey.web.filters.urlrewrite.Conf DEBUG: about to parse conf
org.tuckey.web.filters.urlrewrite.ConfHandler DEBUG: Resolving to DTD /org/tuckey/web/filters/urlrewrite/dtds/urlrewrite4.0.dtd
org.tuckey.web.filters.urlrewrite.Conf DEBUG: now initialising conf
org.tuckey.web.filters.urlrewrite.RuleBase DEBUG: loaded rule Rule 0 (^(.*)(?:\;jsessionid=[A-Za-z0-9]+)(.*)$, null 1)
org.tuckey.web.filters.urlrewrite.NormalRule DEBUG: loaded rule Rule 0 (^(.*)(?:\;jsessionid=[A-Za-z0-9]+)(.*)$, null 1)
org.tuckey.web.filters.urlrewrite.Conf DEBUG: conf status true
org.tuckey.web.filters.urlrewrite.UrlRewriteFilter DEBUG: inited with 1 rules
org.tuckey.web.filters.urlrewrite.UrlRewriteFilter DEBUG: conf is ok
org.tuckey.web.filters.urlrewrite.UrlRewriteFilter INFO: loaded (conf ok)
org.tuckey.web.filters.urlrewrite.utils.ServerNameMatcher DEBUG: looking for hostname match on current server name www.mydomain.com
org.tuckey.web.filters.urlrewrite.UrlRewriter DEBUG: processing request for /somepage.jsp
org.tuckey.web.filters.urlrewrite.RuleBase DEBUG: Rule 0 run called with /somepage.jsp

No ";jsessionid" and no parameter ?!

I am still stucked and DEBUG didn't help me much.

One more thing, I've tried to see some infos from my Filter class MyFilter.java and I saw this output :

MyFilter.doFilter() : New session = ABCDEFGHIJKLM
MyFilter.doFilter() : request.isRequestedSessionIdValid() = false
MyFilter.doFilter() : request.isRequestedSessionIdFromURL() = false
MyFilter.doFilter() : request.isRequestedSessionIdFromCookie() = false

Does this make sense to someone ?

Thanks for your help

@mevb
Copy link
Author

mevb commented Oct 29, 2018

Hi Manuel,

I tested your rule with version 4.0.3 und 5.0.0 on a tomcat8 and it works just fine for me. So IMO it could be a problem with your container-setup.

Have you tried to set the loglevel of class org.tuckey.web.filters.urlrewrite.RuleBase to DEBUG. Then you could find out, which exact URL is handled by the rule.

Regards

Thorsten

How do you achieved your tests with urlrewritefilter "version 4.0.3 und 5.0.0 " as version 5.0.0 does not already exist, AFAIK ?

Regards,

Manuel

@mevb mevb changed the title Cannot make a rule matching jsessionid in URL !? How to match jsessionid from URL !? Oct 29, 2018
@mevb mevb changed the title How to match jsessionid from URL !? How to match jsessionid from URL ? Oct 29, 2018
@gasttor
Copy link

gasttor commented Oct 31, 2018

Hi Manuel,

I built the master branch by myself and used this artefact. According to the pom.xml this is version 5.0.

But I agree that there is no official release of this version.

Regards

Thorsten

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gasttor @mevb