Project

General

Profile

Bug #1693

Metacat client library: Static Cookies

Added by Saurabh Garg over 15 years ago. Updated almost 7 years ago.

Status:
Closed
Priority:
Normal
Category:
metacat
Target version:
Start date:
09/17/2004
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
1693

Description

The HttpMessage code uses static cookies. This is bad and should be changed.

(From bug# 188)

History

#1 Updated by Saurabh Garg over 14 years ago

Below given is the initial email from Bill Baker regarding static cookies and
replies from others.


I agree. We noticed this problem a long time ago, but never fixed it.
Sid, could you enter this as a bug and target it at the next major
release? Thanks.

Matt

Jing Tao wrote:

Yep, I agree with you. It is better that cookie is a non-static member.
But I have no idea why it is chosen to be static in HttpMessage class
(utilities module). Do you guys know that?

Jing

Bill Baker wrote:

I guess what I'm really asking is whether cookie should be a
non-static member, since it is treated that way, for example, in
MetacatClient -- the cookie is set, and then a message is sent. Since
there can be multiple client sessions in a JVM simultaneously (for
example, several people logged into the same Metacat HTML UI), that
seems prone to race conditions:

(1) Client A sets session cookie
(2) Client B sets session cookie
(3) Client A sends message, now with B's session cookie
(4) Client B sends message ...

At 16:55 2005-07-28, Jing Tao wrote:

Hi, Bill:

I guess the reason they are static method because cookie is a static
member variable. But it seems better to be non-static methods.

Jing

Bill Baker wrote:

Sid & Jing --

I noticed that HttpMessage.setCookie and .getCookie are static (as
is the cookie member variable) -- should those be non-static instead?

-- Bill

#2 Updated by Redmine Admin about 7 years ago

Original Bugzilla ID was 1693

#3 Updated by ben leinfelder almost 7 years ago

  • Assignee changed from Michael Daigle to ben leinfelder
  • Status changed from New to Closed

We changed to use standard apache HttpClient and made the cookie sessionId value a per-MetacatClient instance variable.

Also available in: Atom PDF