[MNT-6037] JSP to forward Alfresco will create an additional jsessionid. The flash uploader does not get the correct jsessionid and fails to authenticate during an upload. This is due to the code that retrieves the jsessionid (YUI) overwriting the first jsessionid - Alfresco JIRA

Details

Type: Bug
Status: Closed
Resolution: Not a bug
Affects Version/s: 3.4.4
Fix Version/s: 3.4.11
Component/s: Share Application
Labels:
None
Environment:
Alfresco Version: 3.4.4
Alfresco Mobile Version:
Modules Version:
OS: Other Linux
App Server: Tomcat
Database: MySQL

Bug Priority:

Category 3

Description

1. Adding a tomcat/webapps/ROOT/index.jsp creates an additional jsessionid cookie within the browser.

2. Any kind of forward will send you to the login page which also creates a jsessionid cookie. (Note now you have two jsessionid cookies one for "/" and one for "/share").

3. Flash upload code relies on the jsessionid in order to authenticate with alfresco. See:
url += ";jsessionid=" + YAHOO.util.Cookie.get("JSESSIONID") + "?lang=" + Alfresco.constants.JS_LOCALE;
in method _uploadFromQueue function in flash-upload.js

4. The YAHOO.util.Cookie.get() code incorrectly overwrites the jsessionid cookie for "/share" with "/". See _parseCookieString method in cookie-debug.js Essentially the code iterates over the keys in the cookie and pops them into an associative array, the second jsession id overwrites the first.

Attachments

Structure

Activity

People

Assignee:

Closed Issues

Reporter:

Ron Pierce

Votes:

0 Vote for this issue

Watchers:

5 Start watching this issue

Dates

Created:

17-Aug-12 05:54 PM

Updated:

19-Mar-13 12:13 PM

Resolved:

23-Aug-12 02:31 PM