tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Different session id per page
Date Mon, 02 Jan 2012 23:14:57 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jerry,

On 12/31/11 5:44 PM, Jerry Malcolm wrote:
> Chuck, the sessionCookiePath link you referenced says that all web
> apps can use the same cookie path ("/").  That means that several
> independent web applications will have to share the same session
> object, right?  I have no problem with that if that really works.
> Just want to confirm that I am indeed understanding this correctly.
> There's no problem with several webapps sharing a common session
> object?

I would *highly* recommend against combining URL spaces of different
webapps. If you just want to map your /orders webapp to /, then that's
fine, but if you have separate webapps, you're going to want to keep
the cookie paths distinct from each other. To do otherwise will cause
all kinds of problems with webapps trashing each other's JSESSIONID
cookie values.

Another option would be to set the cookie name. You can do that in
recent versions of Tomcat. Check the <Context> documentation for how
to do it.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8COnEACgkQ9CaO5/Lv0PBzXQCfZWnB6KK5fnnxhMHYqGHyfGM0
eAgAn1ll6QWFejuq+w2CB7Ag5H7bBOeW
=Sto9
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message