Hello. There is a web application with a closed part, and authorization using jdbcRealm. After passing authorization on the link to the page in the closed part, the session is not established, and in the address bar:

http://<ip>:8080/<корневая директория>/;jsessionid=91f8733208ea8cfeedd981772aa0

although it should go to the requested page:

 http://<ip>:8080/<корневая директория>/<закрытая директория>/<запрошенная страница>.xhtml

There are no problems on the local server, the application is working correctly. The problem appeared after the transition to VPS

Applying web.xml:

 <?xml version="1.0" encoding="UTF-8"?> <web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"> <context-param> <param-name>javax.faces.PROJECT_STAGE</param-name> <param-value>Development</param-value> </context-param> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>/faces/*</url-pattern> </servlet-mapping> <session-config> <session-timeout> 30 </session-timeout> </session-config> <welcome-file-list> <welcome-file>faces/index.xhtml</welcome-file> </welcome-file-list> <security-constraint> <display-name>userLim</display-name> <web-resource-collection> <web-resource-name>application</web-resource-name> <description/> <url-pattern>/app/*</url-pattern> </web-resource-collection> <auth-constraint> <description/> <role-name>userRole</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>jdbcRealm</realm-name> <form-login-config> <form-login-page>/login.xhtml</form-login-page> <form-error-page>/loginerror.xhtml</form-error-page> </form-login-config> </login-config> <security-role> <description/> <role-name>userRole</role-name> </security-role>

and glassfish-web.xml:

 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd"> <glassfish-web-app error-url=""> <security-role-mapping> <role-name>userRole</role-name> <group-name>user</group-name> </security-role-mapping> <class-loader delegate="true"/> <jsp-config> <property name="keepgenerated" value="true"> <description>Keep a copy of the generated servlet class' java code. </description> </property> </jsp-config> </glassfish-web-app>

Maybe someone faced a similar problem? I can not figure out, my two servers are equally configured. Thank you in advance!

    1 answer 1

    The problem was only with the Chrome browser, when using https the problem is no longer observed.

    • @HamSter is the answer of the question author. There are no other answers and activity of other participants in the question or in the answer. It makes no sense for such a member to advise the participant to leave comments to himself or to ask for clarification from himself. - PashaPash