tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Tomcat 5.5.27, session lost, cookies
Date Wed, 01 Jun 2011 14:29:56 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Diego,

On 6/1/2011 6:27 AM, Diego Ruotolo wrote:
> BTW, in my previous mails I tell you about the architecture used in our
> webapp, I send you the HTTP logs as returned by the access log valve and

The logs are not useful, since they don't contain headers.

> I said we use 3 cookies:
> 
> - JSESSIONID, with value of generated session id
> - jsessionid, same as before, just the name in lower case

Cookie names are case-insensitive, so using JSESSIONID as well as
jsessionid is going to cause problems.

http://www.ietf.org/rfc/rfc2109.txt

See sections 4.1 (specifically the definition of "attr" and the comment
following it) and 4.2.2 where "NAME" is defined to be an "attr".

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk3mTOQACgkQ9CaO5/Lv0PAkigCdGg8MRl9CgnXspAA1u3HWeQD7
BLIAn1nwH4DHkgqL5KwQ4QnySJERQsnf
=CKtT
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message