Solved

change domain of JSESSIONID cookie in Apache

Posted on 2013-12-18
8
1,971 Views
Last Modified: 2014-02-01
Currently JSESSIONID is set by xxx.domain.com and I'd like to read the JSESSIONID from yyy.domain.com, so how can I change the JSESSIONID cookie's domain from xxx.domain.com to .domain.com? I'm using Apache as web server. Thanks.
0
Comment
Question by:xiaoyunwu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
8 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39727536
You can do that by using ".domain.com" as the domain when you set the cookie.  Apparently there is an XML file somewhere that sets all the cookie parameters.  WEB-INF/web.xml?
0
 

Author Comment

by:xiaoyunwu
ID: 39727851
I can't find in WEB-INF/web.xml
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39728042
JSESSIONID is not going to be set by Apache but by Java.  Please click on "Request Attention" and get the JAVA Topic Area added to your question so the Java experts will see your question.  It would also help if you would post the exact program versions and methods you are using since there may be more than one way of doing this.
0
Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

 

Accepted Solution

by:
xiaoyunwu earned 0 total points
ID: 39729695
I tried two options
1)
<IfModule headers_module>
Header edit Set-Cookie "^(JSESSIONID.*);.*$" "$1; path=/; domain=theeducationcenter.com"
</IfModule>

The problem with this approach is I can't match zzz.domain.com, if I only want to have domain reset when xxx.domain.com and yyy.domain.com not zzz.domain.com

2)
RewriteCond %{HTTP_COOKIE} JSESSIONID=(.*) [NC]
RewriteRule .* - [CO=JSESSIONID:%1:.theeducationcenter.com]

The same thing, I can't find out how to match domain in RewriteCond to say not when domain is zzz.domain.com

Another problem with second approach is that it will create another JSESSIONID at domain.com instead of overwrite JESSIONID at xxx.domain.com, so I end up with two JESSIONID cookies

Thanks.
0
 
LVL 35

Expert Comment

by:mccarl
ID: 39730969
Are you using Tomcat (behind Apache) to host the application? Do you have access to modify the web application?

If so, you can add a file "META-INF/context.xml" that contains the below... (note: in your project, META-INF should be in the same directory as your WEB-INF)
<?xml version="1.0" encoding="UTF-8"?>
<Context sessionCookieDomain=".domain.com"/>

Open in new window

Note: if the "META-INF/context.xml" file already exists, just add the above attribute to the <Context> element that will already be there.
0
 
LVL 35

Expert Comment

by:mccarl
ID: 39813660
You are trying to close this request by accepting your own comment. This is fine but the comment has no information about how your problem is solved, it was just a comment listing 2 things you had tried and why neither of those 2 things are acceptable. But now you say that it's solved.

Please leave a comment about exactly how your problem was solved and then you can accept that as the answer. Otherwise you should award points to any answers that have helped you.
0
 

Author Closing Comment

by:xiaoyunwu
ID: 39826061
this solves
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
jsp error 6 49
Setup GlassFish 4 37
dao vs facade design patterns 2 40
Can't "Unset" Proxy in Apache headers for PCI compliance... 4 46
Introduction Java can be integrated with native programs using an interface called JNI(Java Native Interface). Native programs are programs which can directly run on the processor. JNI is simply a naming and calling convention so that the JVM (Java…
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:
This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question