-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Rainer,
Rainer Jung wrote: | This is not a real answer to your question, but if you look at the code, | the behaviour w.r.t. multiple JSESSIONID cookies has been changed | between 5.5.25 and 5.5.26. There is an issue BZ 43839, and the patch has | been applied to TC 5.5 in r609463 | | http://svn.apache.org/viewvc?view=rev&revision=609463 Hmm... I took a look at the new code and it appears to be the same as the old code for cookies (except that now JSESSIONID cookies are completely ignored when cookies have been disabled application-wide). I checked on the cookie specification (best resource I could find was http://wp.netscape.com/newsref/std/cookie_spec.html) and under the "Syntax of Cookie HTTP Request Headers" section it states: "When sending cookies to a server, all cookies with a more specific path mapping should be sent before cookies with less specific path mappings. For example, a cookie "name1=foo" with a path mapping of "/" should be sent after a cookie "name1=foo2" with a path mapping of "/bar" if they are both to be sent." That seems to be in line with what Tomcat's code expects: it tries all cookies from most-specific path to least-specific path (because it processes them from left to right). Unfortunately for me, the most-specific path (first sent) is the one that I want, while the least-specific path is the one used, even when it is not valid. I think I have to move my application. :( The good news is that most people who use the "real" /foo application are never going to be using the ROOT context application just because of the types of users served. So, while I wait for a convenient time to move that application, not too many people will be affected. I also have the option of having the /foo application kill the cookie from the ROOT application if necessary. Thanks for the info! - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkgXIZcACgkQ9CaO5/Lv0PD88wCfdflf5eExQGeEaeqdBhOBB+EZ 9QMAn3PdalKv8P7MqeT4jWZ1FPGoowIU =8HXI -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
