tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: Different session id per page
Date Mon, 02 Jan 2012 23:14:57 GMT
Hash: SHA1


On 12/31/11 5:44 PM, Jerry Malcolm wrote:
> Chuck, the sessionCookiePath link you referenced says that all web
> apps can use the same cookie path ("/").  That means that several
> independent web applications will have to share the same session
> object, right?  I have no problem with that if that really works.
> Just want to confirm that I am indeed understanding this correctly.
> There's no problem with several webapps sharing a common session
> object?

I would *highly* recommend against combining URL spaces of different
webapps. If you just want to map your /orders webapp to /, then that's
fine, but if you have separate webapps, you're going to want to keep
the cookie paths distinct from each other. To do otherwise will cause
all kinds of problems with webapps trashing each other's JSESSIONID
cookie values.

Another option would be to set the cookie name. You can do that in
recent versions of Tomcat. Check the <Context> documentation for how
to do it.

- -chris
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools -
Comment: Using GnuPG with Mozilla -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message