tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: using Servlet Filter to rewrite domain of JSESSIONID cookie?
Date Thu, 01 Jul 2010 22:07:07 GMT
Nikita Tovstoles wrote:
> thanks for the pointers. However, emptySessionPath - from what I can tell -
> only deals with paths (not domain). how could I use it do ignore
>  subdomains?
> 
> 
What I do not really understand in all this, is what the point is, of having the same 
JSESSIONID (and by extension, I suppose, session) for different domains.
(And I find the term "sub-domain" confusing, apart from the fact that technically, there 
is no such thing).
If you have 2 hosts a.somedomain.com and b.somedomain.com, they could be virtual hosts 
inside the same tomcat, but they could also be entirely distinct hosts with two separate 
Tomcat's, and the client would/should never know.
So having the same "session" covering the two hosts does not seem to make sense, to me at

least.
I can understand storing some other information into a separate cookie, which would be 
valid for the whole somedomain.com, but the session-id ?


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message