From b54f62e26a545c02a22a1dc0984514f8a7d59ca5 Mon Sep 17 00:00:00 2001
From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Wed, 8 Apr 2009 17:12:18 +0000
Subject: [PATCH] Fix NPE when not using cookies for session IDs

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@763322 13f79535-47bb-0310-9956-ffa450edef68
---
 java/org/apache/catalina/connector/CoyoteAdapter.java | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java
index 4e2a6a8f1..ad9995784 100644
--- a/java/org/apache/catalina/connector/CoyoteAdapter.java
+++ b/java/org/apache/catalina/connector/CoyoteAdapter.java
@@ -510,6 +510,16 @@ public class CoyoteAdapter
         }
 
         // Parse session Id
+        if (!request.getServletContext().getEffectiveSessionTrackingModes()
+                .contains(SessionTrackingMode.URL)) {
+            /* 
+             * If we saw an ID in the URL but this is disabled - remove it
+             * Can't handle it when we parse the URL as we don't have the
+             * context at that point
+             */
+            request.setRequestedSessionId(null);
+            request.setRequestedSessionURL(false);
+        }
         parseSessionCookiesId(req, request);
         parseSessionSslId(request);
         return true;
@@ -543,9 +553,7 @@ public class CoyoteAdapter
         ByteChunk uriBC = req.requestURI().getByteChunk();
         int semicolon = uriBC.indexOf(match, 0, match.length(), 0);
 
-        if (semicolon > 0 &&
-                request.getServletContext().getEffectiveSessionTrackingModes()
-                        .contains(SessionTrackingMode.URL)) {
+        if (semicolon > 0) {
 
             // Parse session ID, and extract it from the decoded request URI
             int start = uriBC.getStart();
-- 
2.11.0