Tomcat exception in CoyoteAdapter

Fri, 29 Nov 2013 05:57:54 -0800 

Hi,

I'm a senior consultant and I contact you to talk about an exception that we 
receive in a Tomcat class.
Few days ago we get an error in an application integrated with Tomcat. The 
exception is raised by Tomcat so a blank page is displayed in our portal 
application.
We have tried to get information about it but we don't find any solution, so we 
would like to know if you are aware about this issue. 

The exception is related to session expiration, and concretely is produced in 
this section:
 [org\apache\catalina\connector\CoyoteAdapter.java]
      Method parseSessionSslId:
        
request.setRequestedSessionId(request.getAttribute(SSLSupport.SESSION_ID_KEY).toString());
        request.setRequestedSessionSSL(true);

The exception is raised when the session id is empty due to we have an expired 
session. We have protected with a try catch this code section and now our 
application does not receive the error and we can see our page displayed, 
obviously with the invalid session.

Context:
- Tomcat version: 7.0.25
- OS: Linux distribution
- Liferay 6.1GA1 portal integrated with Tomcat
- We don't negotiate user session by the sessionid with the cookie but with the 
certificate.
- Tomcat server.xml configuration:
        <!-- Define an AJP 1.3 Connector on port 8009 -->
        <Connector URIEncoding="UTF-8" port="8009" protocol="AJP/1.3" 
redirectPort="8080" scheme="http" secure="false" />
        <!-- Define an AJP 1.3 Connector on port 8010 -->
        <Connector URIEncoding="UTF-8" port="8010" protocol="AJP/1.3" 
redirectPort="8443" scheme="https" secure="true" />
        <Connector URIEncoding="UTF-8" port="8080" connectionTimeout="20000" 
protocol="HTTP/1.1"/>
        <Connector URIEncoding="UTF-8" port="8443" protocol="HTTP/1.1" 
SSLEnabled="true" clientAuth="false" keystoreFile="xxx" keystorePass="yyy" 
keystoreType="PKCS12" maxThreads="150" scheme="https" secure="true" 
sslProtocol="TLS"/>     


Do you think that it could be considered for next Tomcat versions?

Thanks. Kind regards,
AT Silk.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to