Interim fix JR47553 can be used to avoid logging invalid cookie exceptions that are
caused by interim fix JR46386. If a shopper's browser uses old cookies that do not comply with the
store's encryption method, an exception is caught in the SystemOut.log file.
JR47553 provides a ValidateRequestCmd that you can customize to silently
invalidate the old cookie and redirect to a logon page. By using this command, the invalid cookie
exceptions are avoided in the log file.
Before you begin
- Install the cumulative interim fix for Fix Pack 6, JR53048.fp. JR47553 is included
in the cumulative interim fix.
- Install the cumulative interim fix for JR53048.fp.
JR47553 is included in the cumulative interim fix.
For information about
how to install an interim fix, see
Procedure
-
Extend the ValidateRequestCmdImpl command and define the code logic in the
handleResult() method.
In the handleResult() method, you can redirect the page to an error view, tell
the shopper that there is an invalid cookie, and clear the incorrect cookie in that view. The
following code is a sample for the handleResult() method.
public HttpControllerRequestObject handleResult(HttpControllerRequestObject requestObject, HttpServletRequest request,
TypedProperty requestProperties, Cookie cookie) {
final String strMethodName = "handleResult";
final boolean bTraceEnabled = isTraceEnabled();
if (bTraceEnabled) {
ECTrace.entry(ECTraceIdentifiers.COMPONENT_SERVER, getClass().getName(), strMethodName);
}
//Customization sample code
cookie.setValue("DEL");
requestObject.setRequestName("MyErrorCookieView");
requestProperties.put(ECConstants.EC_URL, ECConstants.EC_COOKIE_ERROR_VIEW);
Map iMap = requestProperties.toMap();
request.setAttribute(ECConstants.EC_INPUT_PARAMVALUES, iMap);
requestObject.setHttpRequest(request);
ECTrace.trace(ECTraceIdentifiers.COMPONENT_SERVER, getClass().getName(), strMethodName,
"Customize the request with the validation result of cookie");
ECTrace.exit(
ECTraceIdentifiers.COMPONENT_SERVER,
getClass().getName(),
strMethodName);
return requestObject;
}
-
Update the error view JSP file to clean the invalid cookie at the beginning of a page
load.
Sample code in the error view JSP file to clean the invalid cookie at the beginning of page
loading:
<%
Cookie[] cookies = request.getCookies();
for (int i = 0; cookies != null && i < cookies.length; i++) {
Cookie cookie = cookies[i];
if (cookie.getName().startsWith("WC_USERACTIVITY_")) {
if (cookie.getValue().equals("DEL")){
cookie.setMaxAge(0);
cookie.setPath("/");
response.addCookie(cookie);
}
break;
}
}
%>
-
Besides the cookie, which name starts with 'WC_USERACTIVITY_', you also need to delete the
cookie with names like WC_AUTHENTICATION_X by a similar approach.