Just to update, instead of using Valve I re-build the tomcat with following code while setting Expiry header "cookie.setSecure(request.isSecure())" in SingleSignOn class file.
This works. In this way I can probably make it as secure or empty the value. -----Original Message----- From: Radha Krishna Meduri -X (radmedur - HCL TECHNOLOGIES LIMITED at Cisco) Sent: Thursday, June 19, 2014 7:47 PM To: Tomcat Users List Subject: RE: Regarding JSESSIONIDSSO Cookie maintained by tomcat Ofcourse, I am not waiting :-) -----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Thursday, June 19, 2014 7:44 PM To: Tomcat Users List Subject: Re: Regarding JSESSIONIDSSO Cookie maintained by tomcat -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Radha, On 6/19/14, 6:32 AM, Radha Krishna Meduri -X (radmedur - HCL TECHNOLOGIES LIMITED at Cisco) wrote: > Thanks Konstantin. This is what I am asking in my very first mail. > Why can't we empty the value in case Cookie is expired. > > Konstantin Kolinko, According to your suggestion planning to use Value > to change the Cookie. In the invoke() method of Valve, I need to get > the list of Cookies and If the Cookie name is "JSESSIONIDSSO" , we can > empty the value. Can you confirm whether above approach works? Wouldn't it be faster to try it (2 minutes) than to post to the mailing list and wait for someone to get back to you (4 hours, at this moment)? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJTovARAAoJEBzwKT+lPKRYhSYP/3e1QBB752UJGpbNsUaSdHvA 8A5kVD3ENUr1IOYVVqNW+tbPmeTlCeDsImralFG8ziDdzZ5fFS1Dj5XGlE6SnWTk F7ej6TmpG+N5Sc78iIVPWeOAWv8QZsWF7nvDUltkWaqem6tcL38MT8sCc7hI/K+U FLdWjVkyXk8zUBIQKdqyElZMI9CSkgCnSN/miUo4tHMC8P3BbfXQAbAe0w1PgG9V 4PZ+2iEaRbUqNvfH7T9ZoCBjWHgdseVOakz1r1HFrgyQE+rmUYhzy8bvvV9wcHsf JEP+Z4qRZcW/pmX0OLQBzuekzmoXtTafHSBRD7j5lOpTGtgBW04YZR0JWbyBXnUH Mcz+8fkUhRjtHVAa/Jjc4ZYkMAmKFuX9hzrhEBA5ryPrICKltsmW5nUNsUMMvCq9 OZN/ZudlqIe8Cyj+oduPPXSJivb35oMrTd5IWdFcEL9uVejG9Q7FxFupV63/LiQT Dn7uass4SWIxpJIp9J7Ea73UVMJQh/TfmCL4n9Oin5Ab1rEdFX2JtA345oZiuGRl fkmIVOZ0agSEMOISimV8Li5g/p0ezRpTkU3e2PktLKxIsqsrNp4Epkk2w/t41Eiq suSqUREMKA3KmxtLsJhuhynm10X7MQX9K5RIiPaJT1PdXhgkieeeT8czvUoblGm1 quN5VgZGv1wbGx8m/OKA =dWVv -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
