tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Behrens <Jan.Behr...@offis.de>
Subject Antwort: Re: Antwort: Re: Session cookies on Linux
Date Tue, 13 Dec 2005 17:05:46 GMT
Answering my own post, here is what drove me nuts; we have a firewall 
configured on each machine (preconfigured and installed by our admins) 
which does not only monitor connections but also _silently_ blocks third 
party cookies by default. Because of our servers setup, all cookies were 
treated as third party after the initial response by the firewall and thus 
eliminated. I could bite my own a... for spending so much time on such a 
stupid mistake - but I never thought the firewall would be filtering 
cookies without ever telling me :(

Going home now, Jan

"Martin Gainty" <mgainty@hotmail.com> schrieb am 12.12.2005 20:22:47:

> Guten Tag Jan-
> did you find any restrictions in java.policy file?
> Anyone else?
> M
> ----- Original Message ----- 
> From: "Jan Behrens" <Jan.Behrens@offis.de>
> To: "Tomcat Users List" <users@tomcat.apache.org>
> Sent: Monday, December 12, 2005 11:55 AM
> Subject: Antwort: Re: Session cookies on Linux
> 
> 
> > Hi Martin,
> >
> > thanks for the shot ;) Unfortunately this is not the problem, Tomcat 
has
> > r&w access to these dirs and successfully writes to them. It's just 
not
> > handling the session ID via cookies, but then again I am not sure 
whether
> > this is realy related to the dir question or maybe something else...
> >
> > Thanks anyway, Jan
> >
> > "Martin Gainty" <mgainty@hotmail.com> schrieb am 12.12.2005 17:41:10:
> >
> >> This is a shot in the dark but does the sym linked folder have write
> >> permission ?
> >> assume that tomcat is installed to /usr/local/tomcat..e.g.
> >> chmod +w /usr/local/tomcat
> >> Anyone else?
> >> Viel Gluck,
> >> Martin-
> >> ----- Original Message ----- 
> >> From: "Jan Behrens" <Jan.Behrens@offis.de>
> >> To: "Tomcat Users List" <users@tomcat.apache.org>
> >> Sent: Monday, December 12, 2005 10:51 AM
> >> Subject: Re: Session cookies on Linux
> >>
> >>
> >> > Anyone?
> >> > I am still stuck on this, I admit that our machine's setup is a bit
> >> > 'special' as it has to IPs with a server instance bound to each. 
But
> >> > everything else works fine, except for this stupid cookie problem. 
Can
> >> > someone clarify whether using symlinks within the Tomcat install
> > directory
> >> > is ok? We are using a couple, for /temp and /work amongst others.
> > Because
> >> > the work dir is used by Tomcat just fine however, I beliebe this
> > should be
> >> > ok.
> >> >
> >> > Any help on this is very much appreciated.
> >> >
> >> > TIA, Jan
> >> >
> >> >
> >> > Jan Behrens
> >> > OFFIS
> >> > FuE-Bereich Betriebliches Informationsmanagement
> >> > Escherweg 2  -  26121 Oldenburg  -  Germany
> >> > Fon: +49 4 41 97 22 - 187  -  Fax:  +49 4 41 97 22-102
> >> > E-mail: jan.behrens@offis.de  -  URL: http://www.offis.de
> >> >
> >> > Jan Behrens <Jan.Behrens@offis.de> schrieb am 12.12.2005 13:33:41:
> >> >
> >> >> Thanks for the input Peter. What I see now is even more confusing 
to
> > me;
> >> >
> >> >>
> >> >> - Tomcat sets a cookie containing a session id X
> >> >> - On the request however, the URL gets rewritten using session id 
Y
> > (and
> >> > X
> >> >> != Y)
> >> >>
> >> >> All subsequent requests made are handled via URL rewriting using
> > session
> >> >
> >> >> id Y. I can see this behaviour both on my own app as well as on 
the
> >> > admin
> >> >> app... I am at a loss as to what to do next :(
> >> >>
> >> >> Any ideas? TIA, Jan
> >> >>
> >> >> Peter Rossbach <pr@objektpark.de> schrieb am 12.12.2005 10:07:02:
> >> >>
> >> >> > a) Setup Firefox LiveHTTPHeader Plugin or nettools http proxy
to
> > scan
> >> >> > you traffic.
> >> >> > When tomcat not see a JSESSIONID cookie at the request the can't
> >> >> > associate a session.
> >> >> >
> >> >> > b) StandardSession Manager store all Session at shutdown app at
> >> >> > work/Catalina/<host>/<app>/SESSIONS.ser
> >> >> >      All dirs must me writeable for your tomcat user
> >> >> > .
> >> >> > Peter
> >> >> >
> >> >> > Jan Behrens schrieb:
> >> >> >
> >> >> > >Hi list,
> >> >> > >
> >> >> > >I have a problem with session cookies on a Linux server. Both
> > Tomcat
> >> >> > >instances running on the machine don't seem to be able to
store
> >> > session
> >> >>
> >> >> > >data in cookies. They otherwise work just fine, just no 
cookies. I
> >> > have
> >> >>
> >> >> > >obviously checked all browser settings as well as made sure

that
> > all
> >> >> > >webapps in question have the cookie flag turned on. However,
> > Tomcat
> >> > is
> >> >> > >still not setting any cookies...
> >> >> > >
> >> >> > >My set-up:
> >> >> > >- Suse Linux server (kernel 2.6.8-24.18-smp)
> >> >> > >- Multiprocessor machine with 4 GB memory
> >> >> > >- Sun VM 1.4.2_08-b03
> >> >> > >- 2 Tomcat 5.0.28 instances
> >> >> > >
> >> >> > >Maybe this is a problem with fileset permission's? Tomcat
runs 
as
> >> > user
> >> >> > >tomcat and I think I checked each dir Tomcat needs to write

into
> > but
> >> > I
> >> >> am
> >> >> > >not sure where cookies are normally stored in. Is this the
temp
> > dir
> >> > or
> >> >> > >somewhere else?
> >> >> > >
> >> >> > >I would be very grateful for any help or suggestions as to
what 
to
> > do
> >> >
> >> >> to
> >> >> > >get this fixed.
> >> >> > >
> >> >> > >TIA, Jan
> >> >> > >
> >> >> > >
> >> >> > >Jan Behrens
> >> >> > >OFFIS
> >> >> > >FuE-Bereich Betriebliches Informationsmanagement
> >> >> > >Escherweg 2  -  26121 Oldenburg  -  Germany
> >> >> > >Fon: +49 4 41 97 22 - 187  -  Fax:  +49 4 41 97 22-102
> >> >> > >E-mail: jan.behrens@offis.de  -  URL: http://www.offis.de
> >> >> > >
> >> >> >
> >>---------------------------------------------------------------------
> >> >> > >To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> > >For additional commands, e-mail: users-help@tomcat.apache.org
> >> >> > >
> >> >> > >
> >> >> > >
> >> >> > >
> >> >> > >
> >> >> > >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> > ---------------------------------------------------------------------
> >> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> > For additional commands, e-mail: users-help@tomcat.apache.org
> >> >> >
> >> >>
> >> >>
> >> >> 
---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >> >>
> >> >
> >> >
> >> > 
---------------------------------------------------------------------
> >> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> > For additional commands, e-mail: users-help@tomcat.apache.org
> >> >
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message