tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brane F. Gračnar" <...@najdi.si>
Subject [PATCH]: configurable session cookie domain (subdomain session support)
Date Mon, 06 Apr 2009 16:05:00 GMT
Hello :)

We needed subdomain session cookie support for our java webapp; currently 
there is no way to configure cookie domain attribute in tomcat <= 6.0.18.

This patch adds this functionality. Cookie domain can be specified as Manager 
property (default null == turned off) in conf/context.xml or on per webapp 
context property (conf/<engine_name>/<vhost>/appname.xml or 
META-INF/context.xml).

--- snip ---
<Context override="true">
        <Manager cookieDomain=".example.org" />
</Context>
--- snip ---

Webapp will then issue session cookies in the following form:

JSESSIONID=D29B85A0D5E3AADA7DAA2B8DE660B0B3; Domain=.example.org; Path=/

Browser will send this cookie to sites www.example.org, subsite.example.org, 
etc...

This functionality is already implemented in Resin and Jetty.

How to use/apply:
svn co http://svn.apache.org/repos/asf/tomcat/tc6.0.x/tags/TOMCAT_6_0_18
cd TOMCAT_6_0_18
patch -p0 < /path/to/tomcat-6.0.18-subdomain-session-cookie.patch
ant download
ant

Best regards, Brane

Mime
View raw message