SESSIONID created from lisa.vse.session.key include a semicolon

Document ID : KB000126197
Last Modified Date : 04/02/2019
Show Technical Document Details
Issue:
In a VS-->Conversation Transaction, SESSIONID created from lisa.vse.session.key include semicolon which causes Virtual service to truncate key.

In the POST response Set-Cookie is assigned: "JSESSIONID={{lisa.vse.session.key}}; path=/; secure; HttpOnly"

{{lisa.vse.session.key}} generates a session id like below:

JSESSIONID=V1NHTZ14ldJT1FsFeXF6l1fKw5Cz_39UVEp6CEca&170120a7-b302-3302-8035-7b79375ec167; path=/; secure; HttpOnly

In the above it has "&" and it works fine but sometimes the session key is generated as below which has ";" and that causes the transaction mismatch.

JSESSIONID=V1NHTZ14ldJT1FsFeXF6l1fKw5Cz_39UVEp6CEca;170120a7-b302-3302-8035-7b79375ec167; path=/; secure; HttpOnly</parameter>

 
Environment:
Supported DevTest Environments.
Cause:
Problem is that semicolon is not allowed in Cookie according to RFC.6265 - HTTP State Management Mechanism and DevTest is generating a ";" when generating session key {{lisa.vse.session.key}}.




 
Resolution:
In VSI, when a Token is generated it uses a pattern specified in it. You can see the existing pattern by clicking on the person icon as below. If the pattern has a "."(period - it generates any printable character) which is creating the ";" sometimes and causing the issue. Changing the pattern to use "_" or "&" or any other valid character per RFC6625 instead of "." will resolve the issue.

User-added image

User-added image


LDLLLLDDlhLLHLlHlLLDlDlLlhLl_DDLLLlHLLll.DDDhDDhD-hhhh-DhDh-hhDh-DhDDDDDhhDhh
Q0TMUD49tdQX6Ha2qXJ6i6cOebJt_41KKMf3ATpf;58570456-81c3-8476-4d53-07237695d37b