cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Cannot read server-side cookie with dynamic session_id

Go to solution
Former Member

on ‎08-03-2005 5:11 PM

0 Kudos

I have a number of web pages that are used in a stateless anonymous web site. As there are numerous data types that have to persist across all the pages I thought that server-side cookies would be the best option. However, when I try to write/read with a dynamic session_id I keep getting a 'cookie not found' error.

The cookie is written on one page with:


CALL METHOD cl_bsp_server_side_cookie=>set_server_cookie
  EXPORTING
    name                  = 'TEST'
    application_name      = 'NONE'
    application_namespace = 'NONE'
    username              = 'NONE'
    session_id            = runtime->session_id
    data_value            = 'TEST VALUE'
    data_name             = 'NONE'
    expiry_time_rel       = 600.

Another page reads the cookie back with:


CALL METHOD cl_bsp_server_side_cookie=>get_server_cookie
  EXPORTING
    name                  = 'TEST'
    application_name      = 'NONE'
    application_namespace = 'NONE'
    username              = 'NONE'
    session_id            = runtime->session_id
    data_name             = 'NONE'
  CHANGING
    data_value            = lv_test.

No error is given when writing the cookie, but a 'cookie not found' error is given when trying to read it back.

If the session_id parameter lines are hard-coded with a string

i.e.


  session_id = 'foobar'

then the cookie is successfully read.

I have tried putting the session_id into a string type, or using it within the username parameter, but still the same problem. The data types in and out of the cookie are the same, and the session id stays constant across the pages.

Any advice on how to get this working?

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

thomas_jung
Developer Advocate
Developer Advocate
‎08-03-2005 5:33 PM
0 Kudos

I have used this same approach and have set the session_id the same way and it works for me:


      cl_bsp_server_side_cookie=>set_server_cookie( name = i_name
        application_name = runtime->application_name
        application_namespace = runtime->application_namespace
        username = sy-uname
        session_id = runtime->session_id
        data_name = i_name
        data_value = ostream
        expiry_time_rel = '1200' ).

Have you ran the report BSP_SHOW_SERVER_COOKIES to see what cookies you have and what they look like?

Show replies
Show replies
Former Member
‎08-03-2005 8:02 PM
0 Kudos

I had a look at the server-side cookies, and this could be the problem:

The session_id on my browser shows as:

SID:ANON:sapcrmdev_DCR_00:Qb2pGAgA7rXuvnf_BVbQGs1NqV7GETFJFSQAQcXx-ATT

but the cookie being saved is completely different:

SID:ANON:sapcrmdev_DCR_00:R7tcGHfp5rXuunCIBSPEGs0-0gTGYDI2FGh3QcKP-ATT

Where could this alternative session_id be coming from?

thomas_jung
Developer Advocate
Developer Advocate
‎08-03-2005 8:34 PM
0 Kudos

Is SID:ANON:sapcrmdev_DCR_00:R7tcGHfp5rXuunCIBSPEGs0-0gTGYDI2FGh3QcKP-ATT actually the session ID begin saved into the server cookie? I check the server cookie table in my system and my session id's aren't formatted like this?!?

Have you tried debugging to see what runtime->session_id

is under both situations.

Are you sure you application is stateless? I don't get a SID:ANON... cookie in my application unless I mark it as stateful. If I have my application marked as stateless I don't even have a sap-contextid cookie.

Former Member
‎08-04-2005 4:21 PM
0 Kudos

Yes, that's how the session IDs are being stored, and the application is definitely running as stateless.

The problem I am experiencing is the same as brought up in topic

and Eddy's weblog entry

https://www.sdn.sap.com/sdn/weblogs.sdn?blog=/pub/wlg/1166. [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken]

It would appear that the only way to be assured of a unique but stable identifier would be to store an initial session id in a client-side cookie. But that rather negates one if the reasons for using server-side cookies - to avoid the problem of the client blocking cookies.

I cannot even use sy-uname, as the site is 'anonymous', running under a common user account.

thomas_jung
Developer Advocate
Developer Advocate
‎08-04-2005 4:51 PM
0 Kudos

That explains it!

From Eddy's Weblog:

"This issue will be solved with SP49 for 6.20 and in SP11 for 6.40."

I am running 640 SP12 - hence the differences I see in the SESSION_ID. At least you know that if you apply the given support package it will correct your problem.

Former Member
‎08-04-2005 7:25 PM
0 Kudos

At least I know the crux of my problem:

In onInitialization of the first page, the runtime->session_id is:

SID:ANON:sapcrmdev_DCR_00:ka1QuuYpJkEjSzCFr3RT8bn-W7tHL-o0QE-WvmPF-ATT

When onInputProcessing is called on the same page the session_id becomes:

SID:ANON:sapcrmdev_DCR_00:66hLpOH1Ujcjf0zwrwEP8cKCWxl_U-lbT4invmfH-ATT

But then on the very next page (onInitialization), the session_id reverts back to:

SID:ANON:sapcrmdev_DCR_00:ka1QuuYpJkEjSzCFr3RT8bn-W7tHL-o0QE-WvmPF-ATT

I had a look at SP49, and could not see any notes that relate to my problem.

thomas_jung
Developer Advocate
Developer Advocate
‎08-04-2005 10:52 PM
0 Kudos

>I had a look at SP49, and could not see any notes that relate to my problem.

Not completly uncommon, especially if the fix is so drastic that it isn't feasible to deliver it as a Note Correction. Support Package application is probably your only fix.

Answers (0)

Ask a Question