Strip container generated "jsessionid" matrix parameter

[jgustie]

I am seeing a container injected "jsessionid" matrix parameter interfering with my router's ability to match resources (good!). I'm pretty sure it is related to the container managed security encountering a request that has no "jsessionid" cookie; either way it has no meaning to Restlet (I would think the same behavior would come from disabling cookie based session tracking). Since the session handling is specific to the Servlet spec, I think it would make sense for the ServletAdapter.toRequest method to chomp the "jsessionid" if it appears in the request's resource reference.

[jgustie]

I think this is somewhat related to #741 in that there does not appear to be a Servlet specific ServerAdapter when using the ServerServlet. It does not appear that the existing ServletAdapter is quite right for the purpose, although it does have the desired behavior of copying attributes.

Perhaps there should be an internal.ServletServerAdapter which chomps the "jsessionid" and copies the request attributes. The ServerServlet.init(Component) could then add an "adapter" parameter pointing to the internal server adapter (essentially using it by default unless the component's context already has an "adapter" specified; thanks to getFirstValue).

[jlouvel]

Thanks for the issue and pull request. Looks great!
Set milestone to 2.3 M2

[jlouvel]

Thierry, can you update the changes log and close?

[thboileau]

I've updated the comments, changes log, and inheritence of the ServerAdapter also.

[thboileau]

Do we update 2.2 branch also?

[jlouvel]

I'm not sure... As it has some potential impact on existing applications, I'd rather not do so. We can always change our mind if we get additional reports. What do you think?