[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-dev] Unable to Add SameSite Cookie Attribute Value in Jetty 12 with Java 17
|
Dear Team,
I’ve recently updated the package for SessionHandler to org.eclipse.jetty.ee8.servlet.SessionHandler. Here is the updated configuration:
<Set name="handler">
<New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection">
<Set name="dynamic" property="jetty.server.contexts.dynamic"/>
</New>
<New id="SessionHandler" class="org.eclipse.jetty.ee8.servlet.SessionHandler">
<Set name="sameSite">Lax</Set>
</New>
</Set>
However, I am encountering the following exception:
[java] Caused by: java.lang.ClassNotFoundException: org.eclipse.jetty.ee8.servlet.SessionHandler
[java] at java.base/java.net.URLClassLoader.findClass(URLClassLoader.java:445)
[java] at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:587)
[java] at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:520)
Could you please assist in resolving this issue? It appears that the class org.eclipse.jetty.ee8.servlet.SessionHandler cannot be found. Thank you!
The class `org.eclipse.jetty.session.SessionHandler` is only intended for non-servlet api code, but you say you have a an old servlet api 2.5 webapp that you want to deploy. You should be using one of the `ee` modules. The servlet api is backwardly compatible, but the environment with the most similarity - ie retains the javax.servlet package names - are the `ee8` modules, which would lead you to use the `org.eclipse.jetty.ee8.servlet.SessionHandler` to configure things like SameSite.
Jan
Dear Team,
Our application was able to configure the SameSite cookie attribute value through web.xml when using Jetty 9:
<session-config>
<cookie-config>
<http-only>true</http-only>
<comment>__SAME_SITE_STRICT__</comment>
</cookie-config>
</session-config>
However, after migrating to Jetty 12, this configuration no longer works through web.xml. It appears that this method of configuration has been removed in Jetty 12. In jetty documentation does not found valid alternative for this setup.
I attempted to set the SameSite value using SessionHandler in jetty.xml, but was unable to pass a String value to the setSameSite method. I tried the following configuration:
<Set name="handler">
<New id="SessionHandler" class="org.eclipse.jetty.session.SessionHandler">
<Set name="sameSite">Lax</Set>
</New>
</Set>
This resulted in the following error:
java.lang.NoSuchMethodException: class org.eclipse.jetty.session.SessionHandler.setSameSite(class java.lang.String). Found setters for org.eclipse.jetty.http.HttpCookie$SameSite
Our application uses the following setup:
Java 17
Jetty 12 as the server
Servlet API version 2.5
Since our application relies on legacy code, we cannot upgrade to a newer version of the Servlet API.
Thanks,
Shrinivas
_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-dev
--
_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-dev