Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-11843

(7.0.z) UNDERTOW-1111 Undertow does not respect javax.servlet.SessionCookieConfig#getMaxAge contract

    XMLWordPrintable

Details

    • EAP 7.0.8

    Description

      javax.servlet.SessionCookieConfig#getMaxAge states that by default -1 should be returned:

      Gets the lifetime (in seconds) of the session tracking cookies created on behalf of the application represented by the ServletContext from which this SessionCookieConfig was acquired.
      By default, -1 is returned.

      Source

      Undertow does not respect this since its javax.servlet.SessionCookieConfig implementation, SessionCookieConfigImpl, delegates to Undertow's io.undertow.server.session.SessionCookieConfig which defaults the maxAge attribute to zero.

      We have recently implemented the ability to configure Spring Session's session cookie using SessionCookieConfig and this causes problems for Undertow users since we rely on -1 to indicate the default value, as defined by Servlet API spec.

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-11842 (7.1.0) UNDERTOW-1111 Undertow does not respect javax.servlet.SessionCookieConfig#getMaxAge contract

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-11773 [GSS](7.0.z) Upgrade undertow from 1.3.29.Final to 1.3.31.Final

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Activity

            People

              sdouglas1@redhat.com Stuart Douglas
              thofman Tomas Hofman
              Michael Cada Michael Cada
              Michael Cada Michael Cada
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: