tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aditya <adi...@grot.org>
Subject Re: domain-wide session cookies?
Date Fri, 21 Mar 2003 22:50:44 GMT
For those who care, I've answered my own questions:

> On Thu, 20 Mar 2003 21:40:20 -0800, Aditya <aditya@grot.org> said:
> Under Tomcat-4 it looks like the session cookie is set in:
>
>   org/apache/catalina/connector/HttpResponseBase.java
>
> and the code that sets it uses the default domain (which is equal to
> the request hostname.domain.tld) when it sets the session cookie. I
> need to set the cookie to be domain-wide, ie. ".domain.tld" however
> it seems silly to hardcode it in the above class.
>
> Before I tackle this:
>
> 0) is there a better way to do it?

Yup, do it in a filter. Using a filter to manipulate cookies is
trivial and using session.isNew() guarantees that we just do this once.

If anyone wants any more detail about this strange, slightly yucky
hack, please ask.

Adi

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message