tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konstantin Kolinko <knst.koli...@gmail.com>
Subject Re: Session cookie max age
Date Thu, 14 Jul 2011 00:54:59 GMT
2011/7/14 Josh Simmons <Josh.Simmons@colinx.com>:
> Our web.xml file minus listeners and servlet config.  I also removed some taglib definitions.
>
> <?xml version="1.0" encoding="ISO-8859-1"?>
>
> <!DOCTYPE web-app
>    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
>    "http://java.sun.com/dtd/web-app_2_3.dtd">

Eh...  remove the above. It isn't servlet 2.3 webapp, isn't it?

>
> <web-app xmlns="http://java.sun.com/xml/ns/javaee"
>  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>  xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
>                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
>  version="3.0">

If you'll add the following line into conf/catalina.properties, Tomcat
will validate your web.xml file according to the schema:

org.apache.catalina.STRICT_SERVLET_COMPLIANCE=true

[http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html]


You are not saying what release of Tomcat 7.0.x you are using.


AFAIK,
1) Tomcat won't send Set-Cookie when session id is already known
(either from this webapp or  from webapp on its parent path such as
ROOT).

See code that calls
o.a.c.core.ApplicationSessionCookieConfig#createSessionCookie(..)


2) The Cookie header sent by the web browser does not include neither
Path nor Expires/Max-Age values.


Best regards,
Konstantin Kolinko

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message