On Sun, 1 Dec 2002, Garrett Smith wrote:
> Date: Sun, 1 Dec 2002 07:41:10 -0800 (PST) > From: Garrett Smith <[EMAIL PROTECTED]> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Session cookie not recognized in www. subdomain alias > > Hello Tomcat Users, > > I am having a problem with access to the www. alias of my site having a > different session cookie. > > What is the proper way to make tomcat use ".dhtmlkitchen.com" for my session > cookie? > > To see what I mean, go to http://dhtmlkitchen.com/ and then to > http://www.dhtmlkitchen.com/ . You can see the obvious change by the colors > (which are session-based). > > Proof:Javascript:alert(document.cookie) > > You'll see a different JSESSIONID cookie for www. alias "subdomain." > > I ask again: What is the proper way to make tomcat use ".dhtmlkitchen.com" for > my session cookie? > You'll have to modify your own copy of Tomcat to do this if you want it, because it would violate the servlet specification (as well as being a potential security hole). Craig -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
