Best way for allowing subdomain session cookies using Tomcat

Posted by Andrew Ingram on Stack Overflow See other posts from Stack Overflow or by Andrew Ingram
Published on 2008-09-17T12:36:45Z Indexed on 2010/05/25 7:01 UTC
Read the original article Hit count: 536

Filed under:

java

|

tomcat

|

sessions

|

cookie

|

subdomains

By default tomcat will create a session cookie for the current domain.

If you are on www.example.com, your cookie will be created for www.example.com (will only work on www.example.com). Whereas for example.com it will be created for .example.com (desired behaviour, will work on any subdomain of example.com as well as example.com itself).

I've seen a few Tomcat valves which seem to intercept the creation of session cookies and create a replacement cookie with the correct .example.com domain, however none of them seem to work flawlessly and they all appear to leave the existing cookie and just create a new one. This means that two JSESSIONID cookies are being sent with each request.

I was wondering if anybody has a definitive solution to this problem.

© Stack Overflow or respective owner

Related posts about java

Tomcat 6: Access Control Exception?

as seen on Server Fault - Search for 'Server Fault'
I'm trying to setup a tomcat6 server, and I'm trying to match another setup someone else established. However, my deployment (default Ubuntu install) uses a policy.d/ directory structure, and the established server just uses a catalina.policy file. I've tried setting every entry in policy.d to match… >>> More
Problem in creation MDB Queue connection at Jboss StartUp

as seen on Stack Overflow - Search for 'Stack Overflow'
I am not able to create a Queue connection in JBOSS4.2.3GA Version & Java1.5, as I am using MDB as per the below details. I am putting this MDB in a jar file(named utsJar.jar) and copied it in deploy folder of JBOSS, In the test env. this MDB works well but in another env. [ env settings and… >>> More
failing to establish connection between Postgres db and gwt

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am using Postgres and gwt 2.0 for one of my applications. I am facing problem connecting to the database. When I try to connect it gives "ClassNotFoundException". Here is what I get when I try to connect to database: java.lang.ClassNotFoundException: org.postgresql.Driver at java.net… >>> More
failing to establish connection between postgre db and gwt

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, For i am using postgre and gwt 2.0 for one of my applications. I am facing problem connecting to the database. When i try to connect it gives "ClassNotFoundException". Here is what i get when i try to connect to database: java.lang.ClassNotFoundException: org.postgresql.Driver at java.net… >>> More
Migration and deployement problems JBoss 4.2.2.GA to JBoss 6.0.0.M2

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I'm trying to migrate an application running on JBoss 4.2.2.GA to JBoss 6.0.0.M2 I give you some log to explain my problem : boot.log : 2010-03-16 09:59:29,406 ERROR [org.jboss.system.server.profileservice.ProfileServiceBootstrap] (Thread-2) Failed to load profile: Summary of incomplete deployments… >>> More

Related posts about tomcat

SSL in tomcat with apr and Centos 6

as seen on Super User - Search for 'Super User'
I'm facing a problem setting up my tomcat with apr native lib, I have the following: Tomcat: 7.0.42 Java: 1.7.0_40-b43 OS: Centos 6.4 (2.6.32-358.18.1.el6.i686) APR: 1.3.9 Native lib: 1.1.27 OpenSSL: openssl-1.0.0-27.el6_4.2.i686 My server.xml looks like: ... <Listener className="org.apache… >>> More
Apache+Tomcat VS Stand Alone Tomcat or GlassFish

as seen on Server Fault - Search for 'Server Fault'
Hi, I am setting up a Debian server to serve Java web applications. I have done quite a bit of research for several weeks now. Tomcat's web site says it is better to use stand alone Tomcat for speed if you are not clustering. However, I have seen many people suggest that using Apache + Tomcat… >>> More
Tomcat - How to limit the maximum memory Tomcat will use

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Guys, I am running Tomcat on a small VPS (256MB/512MB) and I want to explicitly limit the amount of memory Tomcat uses. I understand that I can configure this somehow by passing in the java maximum heap and initial heap size arguments; -Xmx256m -Xms128m But I can't find where to put this… >>> More
Tomcat 4.1.X and Tomcat 5.0.X

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a problem about tomcat, Our application designed on Tomcat 4.1.X and When I restart Tomcat 4.1.X there is no problem. But I upgrade it to Tomcat 5.0.X. Now ,when I restart Tomcat 5.0.X session is down and application redirect me to login page. Any idea? >>> More
Restarting Tomcat from Tomcat itself

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, is it possible to restart Tomcat6 by executing a JSP? This because I would like to deploy the changes of an application by doing it remotely using the webserver. The deploy script is written in bash and it checkouts the latest version from the svn, then package it as a war, then copy it in… >>> More