Search code examples
javajax-rswildfly-8

Different session IDs for JAX-RS resources


I faced a very strange behavior with WildFly 8.x (tested with 8.1 and 8.0 also). If I deploy my WAR as ROOT (set the '/' as context-root in jboss-web.xml) my JAX-RS resource classes will have different session IDs (each resource class will have a unique session id). But in fact, if I set anything else other than '/' as the context-root everything works as I expected originally (every JAX-RS resource class share the same session). I know that REST services are stateless and I don't have to worry about sessions but I'm so curious why it behaves like that. Does anyone have any ideas?

Thanks!

Here's a sample minimal project where you can reproduce this issue: https://github.com/aberkes/cdi-sessionscoped-bean-demo


Solution

  • The idea is that by default if you deploy to ROOT, jboss doesn't use a fixed cookie path parameter. This is made for the case, when you have other applications running in different sub-folders and requiring their own independent sessions. To change this behaviour, you may use the

    <session-config>
    <cookie-config>
    <path>/</path>
    </cookie-config> 
    </session-config>
    

    parameter in your web.xml. Then all jsessions will be bound to the root path.