tomcat-users mailing list archives

From Pid <...@pidster.com>
Subject Re: Tomcat SSO JSESSIONIDSSO value can't be reset by browser
Date Mon, 01 Mar 2010 12:19:40 GMT
On 01/03/2010 07:49, Xiaojun Deng wrote:
> On Fri, Feb 26, 2010 at 03:28:50PM +0000, Pid wrote:
>> On 26/02/2010 14:58, Xiaojun Deng wrote:
>>> On Fri, Feb 26, 2010 at 8:51 PM, Pid <pid@pidster.com> wrote:
>>>> On 26/02/2010 09:59, Xiaojun Deng wrote:
>>>>>
>>>>> On Fri, Feb 26, 2010 at 09:57:46AM +0000, Pid wrote:
>>>>>>
>>>>>> On 26/02/2010 04:15, Xiaojun Deng wrote:
>>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> I use the Tomcat SSO function, and I found that when I restart my Tomcat
>>>>>>> or the session times out and I refresh the page, the cookie JSESSIONIDSSO
>>>>>>> keeps the old value, so I can't log in to my application.
>>>>>>>
>>>>>>> And the web application's JSESSIONID works well, they can reset the
>>>>>>> cookie value.
>>>>>>>
>>>>>>> Is there a way to configure for the JSESSIONIDSSO?
>>>>>>>
>>>>>>> server.xml content
>>>>>>> <Host name="localhost"  appBase="webapps"
>>>>>>> unpackWARs="true" autoDeploy="true"
>>>>>>> xmlValidation="false" xmlNamespaceAware="false">
>>>>>>>
>>>>>>> <Realm  className="org.apache.catalina.realm.SSOMultipleDSRealm" />
>>>>>>> <!-- SingleSignOn valve, share authentication between web applications
>>>>>>> Documentation at: /docs/config/valve.html -->
>>>>>>> <Valve className="org.apache.catalina.authenticator.SingleSignOn"
>>>>>>> requireReauthentication="false"/>
>>>>>>> </Host>
>>>>>>>
>>>>>>> Thanks.
>>>>>>
>>>>>> What are your exact Tomcat, JVM, OS versions?
>>>>>>
>>>>>
>>>>> CentOS release 5.2 (Final) kernel 2.6.18-92.el5
>>>>> Tomcat 6.0.20
>>>>> JVM jdk_1.6.0_14
>>>>
>>>>
>>>> How many applications do you have deployed, and what is the session timeout
>>>> for each one?
>>>>
>>>
>>> I deployed 3 applications, and two session timeouts are 60min, and the
>>> rest is 5min for testing.
>>
>> OK - so if you're using the SSO valve, then the longer session
>> timeout should mean that the users of the app with the shorter one are
>> automatically logged in again.
>>
> yes, thanks for your comments
>>
>>> All the applications' JSESSIONID can be reset when the session times out
>>> (5min) or the server restarts (I checked the Firefox cookies manager),
>>> but the JSESSIONIDSSO value can't be reset, it keeps the old cookie
>>> value, and when logging in to the server again, it failed because of using
>>> an old cookie value, but the server has created a new session cookie.
>>
>> I'm not entirely sure I understand what you mean here.  The value of
>> JSESSIONID may change, but the session itself should remain intact.
>>
>> What is failing, exactly, and what symptoms are you seeing?  The user
>> is logged out, or an error page?
>>
>
> I'm sorry for the descriptions, maybe it's a complex problem for me...
> Because I used the JSESSIONIDSSO value to validate, and I just want the
> value to change when the session times out or the server restarts, but when the
> session timed out, the Firefox cookie still kept the old value, I don't know
> what happened.

Used the JSESSIONIDSSO value to validate what?

>>> Actually, I don't know who manages the JSESSIONIDSSO, I think the
>>> JSESSIONID is managed by each application, and it can refresh when the
>>> session times out, but why can't the JSESSIONIDSSO work well?
>>>
>>> Thanks.
>>
>> The %CATALINA_HOME%/conf/context.xml file contains a documented
>> setting which allows the session to be persisted during restarts.  If
>> it is enabled then the session will be restored to each user, after
>> restart.
>>
> I don't enable it.
> A session(JSESSIONID) is managed by the web application, like
> webapps/app1
> webapps/app2
> But who manages the JSESSIONIDSSO?

The SingleSignOnValve in the Host.

> Now I resolved this problem via deleting the JSESSIONIDSSO cookie value, and it
> will create a new value, and work well.

I don't understand that, but hey.


p


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
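
A way to confirm from captured headers the symptom reported in this thread (JSESSIONID replaced after a restart while the browser keeps sending the old JSESSIONIDSSO), as an added example that is not part of the original messages. The capture is constructed, and the function names and the `restart_at` parameter are hypothetical.

```python
from http.cookies import SimpleCookie

def request_cookies(header):
    """Parse a request Cookie header into {name: value}."""
    jar = SimpleCookie()
    jar.load(header)
    return {name: morsel.value for name, morsel in jar.items()}

def response_cookies(headers):
    """Parse Set-Cookie headers; a Max-Age=0 cookie maps to None (expired)."""
    out = {}
    for header in headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            out[name] = None if morsel["max-age"] == "0" else morsel.value
    return out

def stale_after_restart(capture, restart_at):
    """Names of cookies the browser still holds with their pre-restart value
    and for which the server issued no new value after the restart."""
    held, before, reissued = {}, {}, set()
    for i, (cookie_header, set_cookie_headers) in enumerate(capture):
        if i == restart_at:
            before = dict(held)          # browser jar at the moment of restart
        held.update(request_cookies(cookie_header))
        for name, value in response_cookies(set_cookie_headers).items():
            if value is None:
                held.pop(name, None)     # server asked the browser to drop it
            else:
                held[name] = value
                if i >= restart_at:
                    reissued.add(name)
    return sorted(n for n, v in held.items()
                  if before.get(n) == v and n not in reissued)

# Constructed capture (values are made up): each entry is
# (request Cookie header, list of response Set-Cookie headers).
CAPTURE = [
    ("", ["JSESSIONID=AAA1; Path=/app1", "JSESSIONIDSSO=SSO1; Path=/"]),
    ("JSESSIONID=AAA1; JSESSIONIDSSO=SSO1", []),
    # server restarted before the next request (restart_at=2)
    ("JSESSIONID=AAA1; JSESSIONIDSSO=SSO1", ["JSESSIONID=BBB2; Path=/app1"]),
    ("JSESSIONID=BBB2; JSESSIONIDSSO=SSO1", []),
]

if __name__ == "__main__":
    print(stale_after_restart(CAPTURE, restart_at=2))
```

A cookie that the server expires with Max-Age=0 but that the browser keeps sending is also reported, since no new value was issued for it.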

