P
Peter Willer
Guest
Hello, we had a working nodejs 2 pasoe implementation with 11.6. Now we upgraded to 11.7 PASOE and the connection is not authorized now. I found, that the form oerealm implementation in PASOE11.7 contains the new "session-fixation-protection", which I also set to "none" but without luck. My next guess is that the change in tomcat 8.5 from a BIO to a NIO connector might be the case, but the BIO connector has been removed completely. In the http logs from pasoe, I see the successfull call to the login: xxx.xxx.xxx.xxx - - [13/Jun/2017:14:03:45 +0200] "GET /static/home.html?_ts=149735542-5333177220-1 HTTP/1.1" 401 57 19 xxx.xxx.xxx.xxx - - [13/Jun/2017:14:03:46 +0200] "POST /static/auth/j_spring_security_check HTTP/1.1" 200 42 286 xxx.xxx.xxx.xxx - - [13/Jun/2017:14:03:46 +0200] "GET /rest/_oeping?_ts=149735542-5333177220-2 HTTP/1.1" 401 57 2 xxx.xxx.xxx.xxx - - [13/Jun/2017:14:03:46 +0200] "GET /web/xxx.xxx.xxx.xxx HTTP/1.1" 401 57 1 I'm sure that the JSESSIONID from the j_spring_security_check is used in the next calls. Has someone another idea what big changes between tomcat 7.0 and tomcat 8.5 could make such a difference? Thank you Regards Peter Willer
Continue reading...
Continue reading...