Session Lost when Context Changes in Requests
(Doc ID 2108673.1)
Last updated on SEPTEMBER 14, 2021
Applies to:Oracle WebCenter Sites - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
- Session variables are set in one page but returned null when retrieved in another page.
- Session times out unexpectedly in Sites UI.
Sample use case:
#1 Clicking on a vanity URL link that has a different context in Preview.
In the case where a web server is used in front of Sites to access Sites UI, you could preview a page in Contributor UI and click on a vanity URL link that has a different path in the preview page, e.g.:
UI URL: http://host1:port/cs/login
vanity URL: http://host1:port/avi/image/Baseball
On clicking on the vanity URL in preview, the user is logged out from the UI due to session loss. The issue can also happen if you hit the vanity URL in a new browser tab in the same browser window.
#2 On an actual website that renders static images with different context in between requests.
In the case where a web server is used in front of Sites, you can navigate the website while loading static images from, e.g., the web server, e.g.:
website URL: http://host2/some/vanity/url
static image URL: http://host2/image/url
When navigating through the website, if session variables are used, it would be lost after a request of a static image file, or any requests that have a different context.
As of WebCenter Sites 18.104.22.168.0, the installer/upgrader adds <cookie-path>/context</cookie-path> to weblogic.xml for both Sites and CAS; this change was made so that CAS and Sites sessions would be distinguishable when deployed on the same application server instance.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document