And how would one do that? The cookie JSESSIONID is automagically maintained for you.
-----Original Message----- From: Pete Lamborne [mailto:[EMAIL PROTECTED] Sent: Friday, February 24, 2006 4:50 PM To: Tomcat Users List Subject: Re: mod_rewrite losing session Anyone know the quick and easy way to do this? pete Filip Hanik - Dev Lists wrote: > The easiest thing would be to tell Tomcat to always use "/" as a path > for the JSESSIONID cookie. > that should take care of it. > Filip > > Tim Lucia wrote: > >> Happens with mod_jk -- I am using that as well. The issue is >> security. You (and I) are seeking to violate the rules, to a degree, >> and therein lies the problem. >> >> I suspect you can write a filter, that on the way out, replaces the >> setCookie header with path=/ where path=/someContext, but I haven't >> tried it yet. I was hoping for a plugin or configuration option way >> of doing it. >> >> Since I got no (helpful) response last time, and nobody has chimed in >> this time, I don't think it is readily doable. >> >> Tim >> >> >> -----Original Message----- >> From: Pete Lamborne [mailto:[EMAIL PROTECTED] Sent: Friday, February >> 24, 2006 1:41 PM >> To: Tomcat Users List >> Subject: Re: mod_rewrite losing session >> >> Hey Tim, >> Thanks for the great response. At least I know that I'm not missing >> something really obvious. >> >> I wonder if we could configure Tomcat to write the cookie without the >> context? >> >> Or if there is some other mechanism in httpd.conf that we could use >> to control how the cookie gets set... >> >> I find it hard to believe that alot of people have not run into this >> issue yet. Maybe everyone's still using mod_jk and have not migrated >> to mod_proxy_ajp yet... >> >> pete >> >> >> >> Tim Lucia wrote: >> >> >> >>> Yes. I posted a similar question not long ago. I wanted to know >>> how to preserve the session under exactly this case (my specific >>> need was to have a version in the Tomcat path, but hide that context >>> / version >> >> >from the user.) >> >> >>> I can tell you why it's NOT preserving it. Tomcat sets the cookie >>> JSESSIONID for host=www.website.com, path >>> /tomcatWebappName/someServlet. >>> The browser sees the cookie for that path on the response (check - >>> it is set). You then ask for /someServlet and there is no cookie >>> with that path (the hosts match, of course) and so the browser does >>> not send the cookie along. No cookie (JSESSIONID), no session. >>> >>> Tim >>> >>> P.s. see >>> http://marc.theaimsgroup.com/?l=tomcat-user&m=113761657202592&w=2 >>> >>> >>> >>> >>> >>> >>>> -----Original Message----- >>>> From: Pete Lamborne [mailto:[EMAIL PROTECTED] >>>> Sent: Thursday, February 23, 2006 7:21 PM >>>> To: Tomcat Users List >>>> Subject: mod_rewrite losing session >>>> >>>> >>>> Hi all, >>>> I am having a problem when using mod_rewrite to hide the Tomcat >>>> webapp/context name, where it spawns a new session with each request. >>>> >>>> I am using apache2.2 and mod_proxy_ajp to dispatch the request and >>>> tomcat 5.5.9 >>>> >>>> So if I try to send this URL: http://www.website.com/someServlet >>>> >>>> to >>>> >>>> http://www.website.com/tomcatWebappName/someServlet >>>> >>>> with mod_rewrite, it's a new session with every request. >>>> >>>> Any ideas? >>>> thanks >>>> pete >>>> >>>> >>>> >>>> >>>> ------------------------------------------------------------------- >>>> -- To unsubscribe, e-mail: [EMAIL PROTECTED] >>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>> >>>> >>>> >>>> >>> >>> -------------------------------------------------------------------- >>> - To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >>> >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
