Follow by Email

Sunday, May 8, 2011

Applet/Swing/Flex/J2ME to Servlet Communication Why I am losing JSESSIONID (on weblogic 11) and what's the solution.

We have an application which was built using Applet, Servlet and JSP technologies.
The Application has been on production since last 2-3 years and was working perfectly fine on WebLogic 10G. Recently we were asked to deploy our applications on WebLogic (10.3.3) 11g , and we found that the same application (Which is working fine on WebLogic was crashing on WebLogic 10.3.3.
After doing some research and debugging code we found that the problem was actually with Applet Servlet communication as Applet was not passing JSESSIONID to servlet as a result the server was unable to find the Session associated to the client and application was crashing.
The confusing point was that the same code was working perfectly fine on older version i.e. WebLogic
After digging the code we found that we were using from Applet to connect to servlet and were assuming that this will take care of JSESSIONID while connecting the server, this assumption was right for WebLogic10.3.0.0 but not for WebLogic 10.3.3.
So the solution is to store the JSESSIONID at client end (APPLET) and always send the JSESSIONID from applet to servlet.
For reference you can see the following forum post
And especially following post
I just did some tests, and it appears that using URLConnection() the applet is automatically returning the sessionId that the servlet sets (also automatically). That is, in both IE5 and NN4, without explicitly adding anything to the header the applet was sending back, the servlet was able to recognize the sessionId as the same across repeated calls from the same applet. So my guess is that if you run your applet from within one of these browsers, they automatically add in the cookies to all your URLConnections. Any naysayers?
And in response following post
And did you do tests for more versions of java (1.1.4, 1.3, 1.4.2)? Is this behavior described in Applet specification or is it an accident? If it is not a standard then it could stop work in future versions of Java
Note: If we send JSESSIONID with all the requests to servlets we can get rid of issue of finding no session on servlet end.

When you communicate with a servlet from Applet/Swing or any other application and you face the problem of not finding the appropriate session on server you should first check the communication of JSESSIONID between your application and server and if your application is not properly sending JSESSION ID than you can do it yourself by rewriting JSESSIONID in URL. And it can also be a best practice if you take care of JSESSIONID communication you don’t have to relay/assume anything about the APIs you are using for your application to servlet connection and this solution will always work.