tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tim Lucia" <timlu...@yahoo.com>
Subject RE: mod_rewrite losing session
Date Fri, 24 Feb 2006 22:49:28 GMT
And how would one do that?  The cookie JSESSIONID is automagically
maintained for you. 

-----Original Message-----
From: Pete Lamborne [mailto:pete@maniatv.com] 
Sent: Friday, February 24, 2006 4:50 PM
To: Tomcat Users List
Subject: Re: mod_rewrite losing session

Anyone know the quick and easy way to do this?
pete



Filip Hanik - Dev Lists wrote:

> The easiest thing would be to tell Tomcat to always use "/" as a path 
> for the JSESSIONID cookie.
> that should take care of it.
> Filip
>
> Tim Lucia wrote:
>
>> Happens with mod_jk -- I am using that as well.  The issue is 
>> security.  You (and I) are seeking to violate the rules, to a degree, 
>> and therein lies the problem.
>>
>> I suspect you can write a filter, that on the way out, replaces the 
>> setCookie header with path=/ where path=/someContext, but I haven't 
>> tried it yet.  I was hoping for a plugin or configuration option way 
>> of doing it.
>>
>> Since I got no (helpful) response last time, and nobody has chimed in 
>> this time, I don't think it is readily doable.
>>
>> Tim
>>  
>>
>> -----Original Message-----
>> From: Pete Lamborne [mailto:pete@maniatv.com] Sent: Friday, February 
>> 24, 2006 1:41 PM
>> To: Tomcat Users List
>> Subject: Re: mod_rewrite losing session
>>
>> Hey Tim,
>> Thanks for the great response.  At least I know that I'm not missing 
>> something really obvious.
>>
>> I wonder if we could configure Tomcat to write the cookie without the 
>> context?
>>
>> Or if there is some other mechanism in httpd.conf that we could use 
>> to control how the cookie gets set...
>>
>> I find it hard to believe that alot of people have not run into this 
>> issue yet.  Maybe everyone's still using mod_jk and have not migrated 
>> to mod_proxy_ajp yet...
>>
>> pete
>>
>>
>>
>> Tim Lucia wrote:
>>
>>  
>>
>>> Yes.  I posted a similar question not long ago.  I wanted to know 
>>> how to preserve the session under exactly this case (my specific 
>>> need was to have a version in the Tomcat path, but hide that context
>>> / version     
>>
>> >from the user.)
>>  
>>
>>> I can tell you why it's NOT preserving it.  Tomcat sets the cookie 
>>> JSESSIONID for host=www.website.com, path 
>>> /tomcatWebappName/someServlet.
>>> The browser sees the cookie for that path on the response (check - 
>>> it is set).  You then ask for /someServlet and there is no cookie 
>>> with that path (the hosts match, of course) and so the browser does 
>>> not send the cookie along.  No cookie (JSESSIONID), no session.
>>>
>>> Tim
>>>
>>> P.s. see
>>> http://marc.theaimsgroup.com/?l=tomcat-user&m=113761657202592&w=2
>>>
>>>
>>>  
>>>
>>>    
>>>
>>>> -----Original Message-----
>>>> From: Pete Lamborne [mailto:pete@maniatv.com]
>>>> Sent: Thursday, February 23, 2006 7:21 PM
>>>> To: Tomcat Users List
>>>> Subject: mod_rewrite losing session
>>>>
>>>>
>>>> Hi all,
>>>> I am having a problem when using mod_rewrite to hide the Tomcat 
>>>> webapp/context name, where it spawns a new session with each request.
>>>>
>>>> I am using apache2.2 and mod_proxy_ajp to dispatch the request and 
>>>> tomcat 5.5.9
>>>>
>>>> So if I try to send this URL: http://www.website.com/someServlet
>>>>
>>>> to
>>>>
>>>> http://www.website.com/tomcatWebappName/someServlet
>>>>
>>>> with mod_rewrite, it's a new session with every request.
>>>>
>>>> Any ideas?
>>>> thanks
>>>> pete
>>>>
>>>>
>>>>
>>>>
>>>> -------------------------------------------------------------------
>>>> -- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>>
>>>>   
>>>>       
>>>
>>> --------------------------------------------------------------------
>>> - To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>>  
>>>
>>>     
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>   
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message