Hi, It's great for you that you have a solution, but it's not compatible with the Servlet Spec and therefore can't be integrated into Tomcat. It's not a Tomcat bug, but rather your requirements that are in conflict with the Spec.
Yoav Quoting Simon Lau <[EMAIL PROTECTED]>: > > Just want you guys to know that I have found a solution for my problem. > > I have to change the source code in tomcat to get this to work. > Here is what I've done: > In source org.apache.coyote.tomcat5.CoyoteRequest line 2313 (btw, I am using > tomcat5.0.28 source) I added > cookie.setDomain(".abc.com"); // beware of the leading dot > compile the source and replace the new catalina.jar into my tomcat > server/lib directory. > > I am now able to switch between both > http://aaa.abc.com/myapp/index.jsp > http://bbb.abc.com/myapp/index.jsp > and the session persists !!! > > I wonder why the web.xml file in conf/ didn't provide such an option for us > to set more cookie options. > As for now, I can only set session-timeout in web.xml. > I suggest adding like cookie-domain > <session-config> > <session-timeout>30</session-timeout> > <cookie-domain>.abc.com</cookie-domain> > </session-config> > I know resin have such an option, see here > http://browserinsight2.lunaimaging.com:8090/ref/app-config.xtp#session-config > > I am posting this to both user list and developer list, I hope someone in > the tomcat project will read it and implement this in the future. > > Thanks everyone that have helped me though, means a lot. > Simon > > > > ----- Original Message ----- > From: "Tim Funk" <[EMAIL PROTECTED]> > To: "Tomcat Users List" <tomcat-user@jakarta.apache.org> > Sent: Wednesday, January 12, 2005 8:43 PM > Subject: Re: apache + tomcat with 2 domains but same session? > > > > [I have a major sinus cold - so I might not be writing clearly ...] > > > > I don't think URL rewriting from apache mod_rewrite will solve your > problem. > > Tomcat maintains state with the session via a session cookie. The cookie > is > > fixed to the currnet domain name (not configurable) and the cookie is > fixed > > to the current webapp path(also not configurable). > > > > But the session cookie is the key to picking up the session. Since you are > > working in a differnet domain - the session cookie is not sent by the > client. > > > > But for clients that do not allow cookies, you can use url rewriting via > the > > servlet API. (See HttpResponse.encodeUrl()). This method detects whether > the > > client has sent the request and maintained state via a session cookie and > if > > a cookie was not used, the url is rewritten and encoded with a path > variable > > called jsessionid. (eg: foo.jsp;jsessionid=ABDDAAN9900) > > > > To get a session from aaa.com to work in bbb.com - you need to have a page > on > > aaa.com link to bbb.com with the URL containing the jessessionid path > parameter. > > > > -Tim > > > > Simon Lau wrote: > > > Tim, thanks for your help. but... > > > I have been following your suggestion and use mod_rewrite to rewrite > > > bbb.abc.com to aaa.abc.com. > > > Here is 3 scenarios: > > > 1) > > > RewriteCond %{HTTP_HOST} ^bbb\.(.*)$ > > > RewriteRule ^(.+) http://aaa.%1$1 > > > Client access http://bbb.abc.com/myapp/index.jsp > > > Client brower address bar display http://aaa.abc.com/myapp/index.jsp > (but i > > > want http://bbb.abc.com/myapp/index.jsp instead) > > > Session persist, no problem > > > > > > 2) > > > RewriteCond %{HTTP_HOST} ^bbb\.(.*)$ > > > RewriteRule ^(.+) http://aaa.%1$1 > [PT] > > > Client access http://bbb.abc.com/myapp/index.jsp > > > Client brower address bar display http://bbb.abc.com/myapp/index.jsp > > > Client brower display "400 Bad Request error" > > > mod_rewrite.log get "forcing 'http://aaa.abc.com/myapp/index.jsp' to get > > > passed through to next API URI-to-filename handler > > > > > > 3) > > > RewriteCond %{HTTP_HOST} ^bbb\.(.*)$ > > > RewriteRule ^(.+) http://aaa.%1$1 > [P] > > > Client access http://bbb.abc.com/myapp/index.jsp > > > Client brower address bar display http://bbb.abc.com/myapp/index.jsp > > > Client brower display "Forbidden, You don't have permission to access > > > /myapp/index.jsp" > > > mod_rewrite.log get "forcing proxy-throughput with > > > http://aaa.abc.com/myapp/index.jsp" > > > > > > so all of these cases didn't give me the result i wanted. > > > the result i wanted is: > > > -Client access http://bbb.abc.com/myapp/index.jsp > > > -Client brower address bar display http://bbb.abc.com/myapp/index.jsp > > > -Session persist with http://aaa.abc.com/myapp/index.jsp > > > > > > Am i on the right track? or am i doing it totally wrong? or is there way > to > > > get around this? > > > > > > please help. thanks again. > > > > > > Simon > > > > > > > > > ----- Original Message ----- > > > From: "Tim Funk" <[EMAIL PROTECTED]> > > > To: "Tomcat Users List" <tomcat-user@jakarta.apache.org> > > > Sent: Tuesday, January 11, 2005 7:44 PM > > > Subject: Re: apache + tomcat with 2 domains but same session? > > > > > > > > > > > >>You can get away with this by using URL rewriting. When you are using > > >>aaa.abc.com and wish to redirect or link to bbb.abc.com - you would need > > > > > > to > > > > > >>rewrite the URL to include the jsessionid path parameter. But you > *cannot* > > > > > > do > > > > > >>this via response.encodeURL(..) since that method will detect your URL > is > > > > > > in > > > > > >>another webapp. So you will need to write your own implementation of > > >>encodeURL to achieve this. > > >> > > >>-Tim > > >> > > >>Simon Lau wrote: > > >> > > >>>Hi, > > >>> > > >>>I want to setup my apache to have 2 domains, say aaa.abc.com and > > >>>bbb.abc.com. > > >>>Both of this domain goes to the same application context, say /myapp > > >>>So when i access both > > >>>http://aaa.abc.com/myapp/index.jsp > > >>>http://bbb.abc.com/myapp/index.jsp > > >>>will give me the exact same content, no problem. > > >>> > > >>>My question is how do i persist the session while i switch between > > >>>aaa.abc.com and bbb.abc.com? > > >>>For example i have a shopping basket storing with 2 products and i want > > > > > > to > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]