Details
-
Bug
-
Resolution: Won't Do
-
Major
-
None
-
10.0.0.Final
Description
When using SSL as the session tracking method, there are multiple sessions created for subsequent HTTP requests, some of which are reused.
This is the log obtained by using a filter to track the HTTP Sessions:
14:08:45,766 INFO [com.test.SessionIdTrackFilter] (default task-17) Request URL : [/SessionTrackingSsl/], Session Id : [wkgBkT61gFQnJeSacPyLEgKWmJ6iPusT-8xcpXFP] 14:08:45,784 INFO [com.test.SessionIdTrackFilter] (default task-20) Request URL : [/SessionTrackingSsl/resources/css/font-awesome.min.css], Session Id : [uljMhXUsAK1BXXXmnmXzAD4EkFgFZn30I-wsFajD] 14:08:45,784 INFO [com.test.SessionIdTrackFilter] (default task-16) Request URL : [/SessionTrackingSsl/resources/js/jquery/jquery-1.12.3.min.js], Session Id : [SBZeTDPKSxLbgcwR_zCazx5heXwssOvrjSVI0sJV] 14:08:45,784 INFO [com.test.SessionIdTrackFilter] (default task-18) Request URL : [/SessionTrackingSsl/resources/css/bootstrap.min.css], Session Id : [wkgBkT61gFQnJeSacPyLEgKWmJ6iPusT-8xcpXFP] 14:08:45,785 INFO [com.test.SessionIdTrackFilter] (default task-16) Request URL : [/SessionTrackingSsl/resources/js/bootstrap.min.js], Session Id : [FETLRFRjQyjzktTUi29hTe3tqimJnGEgdpHZGu6e] 14:08:45,787 INFO [com.test.SessionIdTrackFilter] (default task-19) Request URL : [/SessionTrackingSsl/starter-template.css], Session Id : [eHGhpdreJJv8RKTmZul3hKXjORhAp8GIqJktTmgh] 14:08:45,814 INFO [com.test.SessionIdTrackFilter] (default task-26) Request URL : [/SessionTrackingSsl/resources/fonts/fontawesome-webfont.woff2], Session Id : [wkgBkT61gFQnJeSacPyLEgKWmJ6iPusT-8xcpXFP]
I have made the following changes to the standalone.xml to enable SSL:
diff ../standalone/configuration/standalone.xml ../standalone/configuration/standalone_xml_history/standalone.initial.xml :
1c1 < <?xml version='1.0' encoding='UTF-8'?> --- > <?xml version="1.0" ?> 4d3 < 33,34d31 < < 47,51d43 < <server-identities> < <ssl> < <keystore path="testks.keystore" relative-to="jboss.server.config.dir" keystore-password="Password" alias="testks" key-password="Password"/> < </ssl> < </server-identities> 89d80 < 188a180 > <!-- Automatically configure pools. Alternatively, max-pool-size can be set to a specific value --> 206c198 < <remote connector-ref="https-remoting-connector" thread-pool-name="default"/> --- > <remote connector-ref="http-remoting-connector" thread-pool-name="default"/> 305c297 < <http-connector name="https-remoting-connector" connector-ref="default-https" security-realm="ApplicationRealm"/> --- > <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/> 360c352 < <https-listener name="default-https" security-realm="ApplicationRealm" socket-binding="https"/> --- > <http-listener name="default" socket-binding="http" redirect-socket="https"/> 391d382 < 400d390 <
Apart from this, I have not made any changes to any of the configuration files. When the tracking method is set to COOKIE, the session ids are consistent.