Session Lost when Context Changes in Requests (Doc ID 2108673.1)

Last updated on APRIL 03, 2023

Applies to:

Symptoms

• Session variables are set in one page but returned null when retrieved in another page.
• Session times out unexpectedly in Sites UI.

Sample use case:

#1 Clicking on a vanity URL link that has a different context in Preview.

In the case where a web server is used in front of Sites to access Sites UI, you could preview a page in Contributor UI and click on a vanity URL link that has a different path in the preview page, e.g.:

UI URL: http://host1:port/cs/login

vanity URL: http://host1:port/avi/image/Baseball

On clicking on the vanity URL in preview, the user is logged out from the UI due to session loss. The issue can also happen if you hit the vanity URL in a new browser tab in the same browser window.

#2 On an actual website that renders static images with different context in between requests.

In the case where a web server is used in front of Sites, you can navigate the website while loading static images from, e.g., the web server, e.g.:

website URL: http://host2/some/vanity/url

static image URL: http://host2/image/url

When navigating through the website, if session variables are used, it would be lost after a request of a static image file, or any requests that have a different context.

Changes

As of WebCenter Sites 11.1.1.8.0, the installer/upgrader adds <cookie-path>/context</cookie-path> to weblogic.xml for both Sites and CAS; this change was made so that CAS and Sites sessions would be distinguishable when deployed on the same application server instance.

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.