Day: 15 May 2007

Login doesn’t appear to work?

I've come across the following problem in IE7 in several products which I initially commented on at the MVN Forum forum (incidentally MVN Forum is a great open source Java Web Forum). Here is a copy: First, thanks for MVNForum - I've used it before, and I have now come back 4 years later to use it again. Its perfect for an all Java platform! But I have a strange bug, which I have figured out. For some reason, with IE7, Tomcat 5.5.9 (and later), MySQL 4.1.x, I find that with IE7 only (not Firefox), it is putting the jsessionid into the URL instead of using a cookie. I have tried changing all the settings in MVN as well as in IE, but it still uses URL rewriting when using my site, even though the cookies work perfect on this forum... I can't figure that bit out... Anyway, I debugged into MVNForum to see what was going on, and I noticed that after one enters their login details, it sends a redirect. In this redirect, the "redirect-to URL", does not contain the jsessionid, and so a new session is started. That means users cannot then do admin, or whatever, depending on user permissions, because the server thinks its a new session and wants them to authenticate again. I used the debugger and on line 426 of com.mvnforum.user.UserModuleProcessor (right at the bottom of the process(HttpServletRequest, HttpServletResponse) method), I modified the value of the responseURI in the JVM, to include ";jsessionid=XXX" where…

Read more