Anyone know the quick and easy way to do this?
pete
Filip Hanik - Dev Lists wrote:
The easiest thing would be to tell Tomcat to always use "/" as a path
for the JSESSIONID cookie.
that should take care of it.
Filip
Tim Lucia wrote:
Happens with mod_jk -- I am using that as well. The issue is
security. You
(and I) are seeking to violate the rules, to a degree, and therein
lies the
problem.
I suspect you can write a filter, that on the way out, replaces the
setCookie header with path=/ where path=/someContext, but I haven't
tried it
yet. I was hoping for a plugin or configuration option way of doing it.
Since I got no (helpful) response last time, and nobody has chimed in
this
time, I don't think it is readily doable.
Tim
-----Original Message-----
From: Pete Lamborne [mailto:[EMAIL PROTECTED] Sent: Friday, February
24, 2006 1:41 PM
To: Tomcat Users List
Subject: Re: mod_rewrite losing session
Hey Tim,
Thanks for the great response. At least I know that I'm not missing
something really obvious.
I wonder if we could configure Tomcat to write the cookie without the
context?
Or if there is some other mechanism in httpd.conf that we could use to
control how the cookie gets set...
I find it hard to believe that alot of people have not run into this
issue
yet. Maybe everyone's still using mod_jk and have not migrated to
mod_proxy_ajp yet...
pete
Tim Lucia wrote:
Yes. I posted a similar question not long ago. I wanted to know
how to preserve the session under exactly this case (my specific
need was to have a version in the Tomcat path, but hide that context
/ version
>from the user.)
I can tell you why it's NOT preserving it. Tomcat sets the cookie
JSESSIONID for host=www.website.com, path
/tomcatWebappName/someServlet.
The browser sees the cookie for that path on the response (check -
it is set). You then ask for /someServlet and there is no cookie
with that path (the hosts match, of course) and so the browser does
not send the cookie along. No cookie (JSESSIONID), no session.
Tim
P.s. see
http://marc.theaimsgroup.com/?l=tomcat-user&m=113761657202592&w=2
-----Original Message-----
From: Pete Lamborne [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 23, 2006 7:21 PM
To: Tomcat Users List
Subject: mod_rewrite losing session
Hi all,
I am having a problem when using mod_rewrite to hide the Tomcat
webapp/context name, where it spawns a new session with each request.
I am using apache2.2 and mod_proxy_ajp to dispatch the request and
tomcat 5.5.9
So if I try to send this URL: http://www.website.com/someServlet
to
http://www.website.com/tomcatWebappName/someServlet
with mod_rewrite, it's a new session with every request.
Any ideas?
thanks
pete
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
