[
https://issues.apache.org/jira/browse/JS2-1255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13105075#comment-13105075
]
Ate Douma commented on JS2-1255:
--------------------------------
Agreed.
Actually, I was thinking if it maybe is time to drop Tomcat 5.x support and
make Tomcat 7 the default (that is: if/when it properly works with Jetspeed,
see below).
The Tomcat 6 and Tomcat 7 deployment configurations actually are the same, so
doing the above would simply "collapse" our maven deploy plugin configuration
and behavior into a singular one.
I've already played with this a bit trying to get it to work, and it actually
turned out to be pretty trivial changes.
One specific, and major, configuration change however is required for upgrading
to Tomcat 7: the server.xml connector emptySessionPath="true" attribute no
longer is supported!
I discovered this while working on a similar upgrade for Pluto, see PLUTO-611
But also for this, the "fix" is pretty trivial: now a new attribute
sessionCookiePath="/" needs to be configured instead on the root Context in
$CATALINA_HOME/conf/context.xml
See: http://tomcat.apache.org/migration.html#Session_cookie_configuration
Once I did these, building and deploying to Tomcat 7.0.21 worked without a
problem, including through a jetspeed-installer build.
However...
We have a new and more serious technical problem: (only) when trying to login
on Jetspeed, the PortalSessionsManagerImpl now throws a NPE for every portlet
render:
java.lang.NullPointerException
at
org.apache.jetspeed.container.session.PortalSessionsManagerImpl.checkMonitorSession(PortalSessionsManagerImpl.java:226)
at
org.apache.jetspeed.container.JetspeedContainerServlet.doGet(JetspeedContainerServlet.java:395)
This I haven't had time to look into yet, but it seems like Tomcat 7 is
"twisting" the session/cookie handling after login in some way.
I'll try to figure out what goes wrong ASAP (this week).
> Update Jetspeed demo and installer to use latest Tomcat 7.x version for
> hardened security
> -----------------------------------------------------------------------------------------
>
> Key: JS2-1255
> URL: https://issues.apache.org/jira/browse/JS2-1255
> Project: Jetspeed 2
> Issue Type: Improvement
> Affects Versions: 2.2.1
> Reporter: Ate Douma
> Fix For: 2.2.2
>
>
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
