utils: fix invalid JSESSIONID cookie in https setup

When enable.secure.session.cookie is set to true, use cannot login with error ``` 2024-10-25T09:03:33,898 DEBUG [c.c.u.HttpUtils] (qtp384617262-21:[ctx-a3ee3670]) (logid:7c5bfd8d) jsessionidFromCookie = node017ygldpe44nub1frmqafsj0qmc18 2024-10-25T09:03:33,898 DEBUG [c.c.u.HttpUtils] (qtp384617262-21:[ctx-a3ee3670]) (logid:7c5bfd8d) session.getId() = node017ygldpe44nub1frmqafsj0qmc18 2024-10-25T09:03:33,898 ERROR [c.c.u.HttpUtils] (qtp384617262-21:[ctx-a3ee3670]) (logid:7c5bfd8d) JSESSIONID from cookie is invalid. ```
weizhouapache · Oct 25, 2024 · 3930d00 · 3930d00
1 parent 175eed2
commit 3930d00
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/utils/src/main/java/com/cloud/utils/HttpUtils.java b/utils/src/main/java/com/cloud/utils/HttpUtils.java
@@ -117,7 +117,7 @@ public static boolean validateSessionKey(final HttpSession session, final Map<St
         }
         final String jsessionidFromCookie = HttpUtils.findCookie(cookies, "JSESSIONID");
         if (jsessionidFromCookie == null
-                || !(jsessionidFromCookie.startsWith(session.getId() + '.'))) {
+                || !(jsessionidFromCookie.equals(session.getId()) || jsessionidFromCookie.startsWith(session.getId() + '.'))) {
             s_logger.error("JSESSIONID from cookie is invalid.");
             return false;
         }