Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 50865 invoked from network); 5 Feb 2011 01:34:07 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 5 Feb 2011 01:34:07 -0000 Received: (qmail 69469 invoked by uid 500); 5 Feb 2011 01:34:03 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 69395 invoked by uid 500); 5 Feb 2011 01:34:02 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 69386 invoked by uid 99); 5 Feb 2011 01:34:02 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 05 Feb 2011 01:34:02 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS,WEIRD_PORT X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of brian@tigernet.com designates 209.85.161.173 as permitted sender) Received: from [209.85.161.173] (HELO mail-gx0-f173.google.com) (209.85.161.173) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 05 Feb 2011 01:33:54 +0000 Received: by gxk28 with SMTP id 28so1419019gxk.18 for ; Fri, 04 Feb 2011 17:33:33 -0800 (PST) Received: by 10.236.110.172 with SMTP id u32mr25414282yhg.63.1296869613834; Fri, 04 Feb 2011 17:33:33 -0800 (PST) Received: from [127.0.0.1] (64.89.72.82.nw.nuvox.net [64.89.72.82]) by mx.google.com with ESMTPS id x62sm846582yhc.30.2011.02.04.17.33.32 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 04 Feb 2011 17:33:32 -0800 (PST) Message-ID: <4D4CA8EC.1030301@tigernet.com> Date: Fri, 04 Feb 2011 20:33:32 -0500 From: Brian Cross Reply-To: brian@tigernet.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Unable to store a session with Tomcat 7 linux and Internet Explorer References: <4D4C7793.6010309@tigernet.com> <4D4C7F23.1040209@apache.org> In-Reply-To: <4D4C7F23.1040209@apache.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Thanks very much Chris, Chuck, and Mark. I did indeed have org.apache.catalina.STRICT_SERVLET_COMPLIANCE=true in my CATALINA_OPTS. I remember setting that a long time ago to fix a problem, but I can't remember what it was. I added org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false as Mark suggested, and that fixed it right up. Thanks again. --Brian. On 2/4/2011 5:35 PM, Mark Thomas wrote: > On 04/02/2011 22:02, Brian Cross wrote: >> Hello Tomcat experts, I am looking at going from Tomcat 6 to 7 on Linux >> and ran into a strange issue. I cannot get an http session to "stick" >> when using Internet Explorer. A new session gets created every time you >> load the test page in IE only. I have verified this issue on IE 6, IE >> 8, and IE9 beta. Chrome and Firefox work as expected. I am just trying >> to get a session to stick, but in IE itcreates a new one for each >> request. This does NOT happen when running Tomcat 7 on Windows. Thanks >> very much for your help! >> >> My test code is just

Session ID =<%=request.getSession().getId()%>

>> >> Test URL (broken) on Tomcat 7: >> http://www.tigernet.com:8180/t/test/sessiontest.jsp >> >> Test URL (working) on Tomcat 6 >> http://www.tigernet.com/t/test/sessiontest.jsp >> >> Old Bug possibly related? >> https://issues.apache.org/bugzilla/show_bug.cgi?id=49525 > Sort of. > > Tomcat 7 is stricter in enforcing various specifications including the > cookie specification which states that / is not allowed in a cookie > value unquoted. Unfortunately / gets used a lot in cookies in the path > and if correctly quoted - i.e. path="/..." - IE chokes. Not exactly a > surprise considering just how badly IE adheres to the cookie specs. To > avoid exactly the issue you are seeing, Tomcat 7 does not enforce this > part of the specification by default. > > I suggest a careful read of the following Tomcat 7 docs > http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html with > particular reference to > org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR and > org.apache.catalina. STRICT_SERVLET_COMPLIANCE. My guess is that you > have set one or other of these to true. > > I usually run Tomcat with the following: > org.apache.catalina. STRICT_SERVLET_COMPLIANCE=true > org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org