tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: Tabbed browsers sharing session - work around.
Date Tue, 05 Oct 2010 18:23:36 GMT
Hash: SHA1


On 10/5/2010 11:28 AM, Rob Gregory wrote:
> Basically we are stuck with some legacy application parts that while
> these are scheduled to be replaced we have to support them until they
> have been. Using filters would not solve the issue as the 'Hack' as you
> put it is done at a cookie path level. We do use filters to implement
> security, ntlmv2 authentication, caching & anti-caching, etc so I am
> fully aware of the power of filters. 
> I agree hacking away at a part of Tomcat is not the best solution but it
> was the only one currently available to resolve the issue. And was my
> original reasoning behind posting to this group to see if anyone could
> suggest a better solution. 

My suggestion would be to deploy your different environments into
separate contexts. That way, the cookie paths are distinguishable and
there shouldn't be any confusion no matter what the situation is on the

One other possibility would be to disable the use of cookies altogether
on the server and force the use or URL rewriting: that would essentially
force each browser window or tab into it's own isolated "session". This
requires that you have coded your pages correctly to support URL
rewriting, of course.

Good luck,
- -chris
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message