SESSIONID created from lisa.vse.session.key include a semicolon

Article Id: 126197
Status: Published
Updated On: 15-10-2020 14:48
Products:
CA Application Test , Service Virtualization , CA Continuous Application Insight (PathFinder)
Issue/Introduction:

In a VS-->Conversation Transaction, SESSIONID created from lisa.vse.session.key include semicolon which causes Virtual service to truncate key.

In the POST response Set-Cookie is assigned: "JSESSIONID={{lisa.vse.session.key}}; path=/; secure; HttpOnly"

{{lisa.vse.session.key}} generates a session id like below:

JSESSIONID=V1NHTZ14ldJT1FsFeXF6l1fKw5Cz_39UVEp6CEca&170120a7-b302-3302-8035-7b79375ec167; path=/; secure; HttpOnly

In the above it has "&" and it works fine but sometimes the session key is generated as below which has ";" and that causes the transaction mismatch.

JSESSIONID=V1NHTZ14ldJT1FsFeXF6l1fKw5Cz_39UVEp6CEca;170120a7-b302-3302-8035-7b79375ec167; path=/; secure; HttpOnly</parameter>

 

Cause:

Problem is that semicolon is not allowed in Cookie according to RFC.6265 - HTTP State Management Mechanism and DevTest is generating a ";" when generating session key {{lisa.vse.session.key}}.




 

Environment:

Supported DevTest Environments.

Resolution:

In VSI, when a Token is generated it uses a pattern specified in it. You can see the existing pattern by clicking on the person icon as below. If the pattern has a "."(period - it generates any printable character) which is creating the ";" sometimes and causing the issue. Changing the pattern to use "_" or "&" or any other valid character per RFC6625 instead of "." will resolve the issue.

 





insert_drive_file 1558690616690000126197_sktwi1f5rjvs16gbl.png
arrow_downward Download
insert_drive_file 1558690613677000126197_sktwi1f5rjvs16gbk.png
arrow_downward Download