
JSESSIONID Cookie rejected / lost


Struggling with a bit of a mystery regarding a ghost-like JSESSIONID cookie. I'm using JSESSIONID to keep sessions between state changes in an AJAX-based site. This works fine on a deployed server, but not when running the site on localhost using an external XML-based servlet.

Using HTTP Header tools I've been able to determine that the JSESID Cookie simply does not set:

localhost -> external: attempt login
external -> localhost: returns XML and correct Set-Cookie with JSESID
localhost -> external: sends next request with no JSESID Cookie (other cookies, however, are getting sent).

I've tried on several different computers (and browsers) and the result is the same. Weirdly, however, the solution DOES work on mobile devices (PhoneGap + Android / iOS). Based on this I've also tried to run the site from file://, but with no luck.

Since the servlet is already deployed (Tomcat 6) there is unfortunately little / nothing I'm able to change on that end, but as far as I can gather it seems unlikely that the problem is on that end. I've also attempted solution #1 as suggested in this thread. That does set a JSESID named cookie, but the content is getting filled with "gibberish".

// Serializes the form and POSTs it to the backend servlet, expecting XML back.
function postDataToBean(formId, callbackFunc, callbackError)
{
    // Ask jQuery not to cache AJAX requests.
    $.ajaxSetup({
        cache: false
    });

    // Declared with var so it does not leak as an implicit global.
    var form_data = $("#" + formId).serialize();

    var request = $.ajax({
        url: getAppBackEndURL() + $("#" + formId).attr("action"),
        type: "POST",
        data: form_data,
        dataType: "xml",
        contentType: "application/x-www-form-urlencoded"
    });

    request.done(callbackFunc);
    request.fail(callbackError);
}

Solution

  • Turns out it was a domain issue. Desktop browsers will only accept JSES Cookies if the domain that sets the cookie is the exact same as the one requesting it. Weirdly however this is not the case on mobile browsers such as Android Browser and Safari.
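
Added example, not part of the original post: the cookie domain rules from RFC 6265 (sections 5.1.3, 5.3 and 5.4), written out so you can check which host a session cookie ends up scoped to when the page and its backend sit on different hosts. The host names are constructed, hosts are passed without a port, and the public-suffix, Path and Secure checks are left out.

```javascript
// Added example: RFC 6265 cookie domain handling. Host names are constructed.

function isIpAddress(host) {
  // Dotted IPv4 or anything containing ":" (IPv6); hosts are passed without a port.
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(":");
}

// Section 5.1.3: identical strings, or host ends with "." + domain and is not an IP.
function domainMatches(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase();
  if (host === domain) return true;
  return !isIpAddress(host) && host.endsWith("." + domain);
}

// Section 5.3: returns the scope the cookie is stored with, or null if it is ignored.
function storeCookie(responseHost, domainAttr) {
  if (!domainAttr) {
    // No Domain attribute: host-only cookie, bound to the exact responding host.
    return { domain: responseHost.toLowerCase(), hostOnly: true };
  }
  const domain = domainAttr.replace(/^\./, "").toLowerCase();
  // A Domain attribute the responding host does not belong to is ignored entirely.
  if (!domainMatches(responseHost, domain)) return null;
  return { domain, hostOnly: false };
}

// Section 5.4: is the stored cookie attached to a request for requestHost?
function isSentTo(cookie, requestHost) {
  if (cookie === null) return false;
  return cookie.hostOnly
    ? requestHost.toLowerCase() === cookie.domain
    : domainMatches(requestHost, cookie.domain);
}

// Set-Cookie received from responseHost, then a follow-up request to nextRequestHost.
function roundTrip(responseHost, domainAttr, nextRequestHost) {
  return isSentTo(storeCookie(responseHost, domainAttr), nextRequestHost);
}

console.log(roundTrip("backend.example.com", null, "backend.example.com")); // true
console.log(roundTrip("backend.example.com", null, "www.example.com"));     // false
console.log(roundTrip("backend.example.com", ".example.com", "www.example.com")); // true
console.log(storeCookie("localhost", "example.com"));                       // null
```

A session cookie set without a Domain attribute, as in the second call, goes back only to the exact host that issued it, so comparing the host in the `Set-Cookie` response with the host of the next request is the first thing to check in the browser's network tools.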