Session Lost When Context Changes in Requests (Doc ID 2108673.1)

Last updated on SEPTEMBER 18, 2017

Applies to:

Oracle WebCenter Sites - Version 11.1.1.8.0 and later
Information in this document applies to any platform.

Symptoms

 

Sample use case:

 

#1 Clicking on a vanity URL link that has a different context in Preview.

In the case where a web server is used in front of Sites to access Sites UI, you could preview a page in Contributor UI and click on a vanity URL link that has a different path in the preview page, e.g.:

UI URL: http://host1:port/cs/login

vanity URL: http://host1:port/avi/image/Baseball

On clicking on the vanity URL in preview, the user is logged out from the UI due to session loss. The issue can also happen if you hit the vanity URL in a new browser tab in the same browser window.

 

#2 On an actual website that renders static images with different context in between requests.

In the case where a web server is used in front of Sites, you can navigate the website while loading static images from, e.g., the web server, e.g.:

website URL: http://host2/some/vanity/url

static image URL: http://host2/image/url

When navigating through the website, if session variables are used, it would be lost after a request of a static image file, or any requests that have a different context.

Changes

As of WebCenter Sites 11.1.1.8.0, the installer/upgrader adds <cookie-path>/context</cookie-path> to weblogic.xml for both Sites and CAS; this change was made so that CAS and Sites sessions would be distinguishable when deployed on the same application server instance.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms