tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: JSESSIONID doesn't contain the port
Date Thu, 19 Jun 2008 14:51:29 GMT


Caldarale, Charles R wrote:
>> From: Zsolt Koppany [mailto:zkoppanylist@intland.com]
>> Subject: JSESSIONID doesn't contain the port
>>
>> we have two web applications running on the same host (with
>> the same tomcat) but on DIFFERENT ports.
> 
> For curiosity's sake, why are you doing that?
> 
>> Buf, if one tomcat application refers on URL of the second
>> application the browser (FF-2.0.0.14 IE-6) get a NEW a new
>> JSESSIONID thus the browser looses its session-id to the
>> first application.
> 
I don't think that cookies are ever port-specific.
But I believe what Zsolt is trying to say, is that the cookies /name/ 
being the same, when one application for whatever reason decides that 
this is a new session, it overwrites the JSESSIONID cookie of the other, 
because its session cookie is also named JSESSIONID and comes from the 
same host (which usually does make cookies specific, but not in this 
case, since it is the same host).  Since this (new) cookie comes from 
the same host and is called the same, the browser happily overwrites the 
old one. So when the user goes back later to his old session on the 
other port, the browser sends the last-gotten cookie, but that's not the 
one Tomcat is expecting there.

Now, maybe the issue is whether the session of one application can or 
cannot be valid for the other.  If they just shared a session (and a 
cookie), then there would be harmony again.

André


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message