This is neat. Thanks!
--
Rick
Peter Rossbach wrote:
Option is
<Connector emptySessionPath="true" ... />
Then all webapps share the same session id.
Cheers
Peter
Am 16.04.2006 um 15:12 schrieb Tim Funk:
Check the docs - there is an option that will allow tomcat to use the
same jsessionid for all webapps.
-Tim
Rick Wong wrote:
It's been a while since my last posting of this topic. I have a
work-around that perhaps someone may find it useful.
I worked around the issue by implementing a Tomcat Valve, and screen
out for the jsessionsso cookie on every request. If I find it, I
reinsert it back into the response within the valve to touch the
timestamp of the jssessionsso cookie. This way, when IE wants to
throw away a cookie, jsessionsso would be the last one it picks.
It's not a perfect solution but there is nothing I can do about IE's
deficiency (how often do you see Microsoft rigidly conforms to a spec?)
Thanks,
--Rick
Rick Wong wrote:
Hi,
I am using Tomcat 5.0.26. I have 20+ web applications hooked up
with single-sign-on. Each web application generates a JESSIONID
session cookie with a different path, and shares a single
JSESSIONIDSSO.
When testing my suite of applications, I notice that IE
consistently drops my login after accessing the 20th web
application within a session. I did some research and learned
about RFC 2109 where HTTP agents should support a minimum of 20
session cookies per domain. That appears to be just what IE does.
The following Microsoft knowledgebase article explains that:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;306070. I
suspect JSESSIONIDSSO was the oldest cookie, and was the first to
get dropped by IE when reaching over 20 session cookies. Firefox
does not have this problem.
Knowing that I cannot easily refactor the application suite to make
less number of web application (< 19), I am wondering if anyone
else has this problem, and if and how I might work around this IE
limitation.
Thanks,
--Rick
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]