Re: Help with overriding default cookie name
Chris, Thanks for getting back to me. I did end up solving the problem, and it was not a bug or related in any way to what Tomcat is doing. It ended up being a (very buried) property setting of the application that is not documented anywhere. A lot of grep-ing lead me to the realization. After setting the property, Tomcat behaves as expected and obeys the application's desired cookie name. Thanks again for letting me bounce my ideas off you, much appreciated! Cheers, Brian Jones Programmer/Analyst Information Technology Services Support Services Building, Suite 4300 Western University (519) 661-2111 x86969 bjone...@uwo.ca On 2015-04-29 05:18 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Brian, On 4/21/15 3:21 PM, Brian Jones wrote: Chris, thanks for getting back to me! I'm trying to override the default cookie name (JSESSIONID) for one of my Tomcat7 instances. I put the following in $catalina_home/conf/context.xml: Context sessionCookieName=MyCookie That will change the session cookie name for all applications deployed on the server, and not just one web application. Is that what you wanted ? Yes, this is what I'm after. I'm working on an enterprise application which is comprised of over 70 webapps all working together. I need to change it for everything, as they all obey a single cookie. However, after restarting Tomcat, the setting isn't being applied; the cookie always remains as JSESSIONID rather than MyCookie. My environment is: tomcat 7.0.39, java 1.7.0_79, kubuntu 14.10. Can anyone shed some light on how/where $catalina_home/conf/context.xml is loaded? Or any ideas, suggestions, etc are appreciated. I would have expected what you did to work. Do you have a separate CATALINA_BASE as well as a CATALINA_HOME? If so, the CATALINA_BASE/conf/context.xml will *completely override* the one in CATALINA_HOME/conf/context.xml. I don't believe so, output from ./shutdown.sh: Using CATALINA_BASE: /opt/apache-tomcat-7.0.39 Using CATALINA_OWL: /opt/apache-tomcat-7.0.39 Using CATALINA_TMPDIR: /opt/apache-tomcat-7.0.39/temp Using JRE_HOME: /usr/lib/jvm/java-7-openjdk-amd64 Using CLASSPATH: /opt/apache-tomcat-7.0.39/bin/bootstrap.jar:/opt/apache-tomcat-7.0.39/ bin/tomcat-juli.jar It would probably be better to set the configuration in your web application's META-INF/context.xml file. Give that a try and see if it gives you the desired effect. The problem with doing this, is that as the application is open source, modifying each subtool's context.xml would fork me from the community. The only reason I'm trying to accomplish this, is because I have two versions of the application running in two different Tomcats; one is the community version, one is my institution's localized/modifyied version. I need to be able to run both simultaneously for comparison purposes. However, because both Tomcats/applications are using the same JSESSIONID as the cookie name, if I start a session on one Tomcat, it invalidates the session on the other. Anything else you can think of? Do you perhaps know how/where Tomcat is loading up the $catalina_home/conf/context.xml file? If that is known, I can perhaps modify (hack) it to point explicitly to the context.xml file that I have the sessionCookieName set. Sorry for the delayed response. I just wanted you to try to configure using META-INF/context.xml to see if that made the difference. That test will determine whether this is a bug in Tomcat (the feature doesn't work) or if Tomcat does not allow certain things to be overridden locally (e.g. the cookie name) and therefore this is an enhancement. I rather think that your expectations are reasonable, so assuming it's not a bug, I'm +1 for supporting site-wide cookie-name changes. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVQUq/AAoJEBzwKT+lPKRYYroP/Ao8Vdb2eL5ExJruAZdS/xKt dzd2pVn4UTFXc1Pl8j7ShmlnBgm9VK6ls8NyGQTtshsNjO0/NaYof6mrBgiwZdAU cnZci10Oz1er3qLHY5kBC1gnWajba3pg37hMPYWvwLTNvypnPwpCotBAnzHRbDDO rU+MoGwxyi54YgAF26ewC2WUd9dy8kbLZdBis3PfE+bVNt8Ao/iA+8u9vjFzOfRv nYaY0HxnV8VbiE54kLTdmbBQtfA3YpTyzxNZCEb5XP0AZvhQazqUQSmw773UBW2c p9ovKirJ1axahdMfqYQ12HWE7ajeiONU9Q3PatVjC5fy+/uNMiGKm77cq9gr6MGG JDe+PTcNNpsKVwyz+h5RzjnJALrW1GuUaxMb5NhgRMEHK6Vgo37lmkN2Db4f494Q WkFkdjV03+ylQ88M8M+s+ubDKNVmZ0WalJsQrhePa9Q3LjTD8W71jSe5IMJT2MwP 8SEP4o4MPORaH9BlJJVYHBVYHgfuFnhXV2zqaOKph1fTvuczKjuL9LXmOlpalNsv N0FPo/1X4NkMGf2tNAO1UzF5xc/FMSllH6wuFKC3cmTHvxaqwUdcZeV0vWxbIo1c HLwhCxCPaYDuA5xgIS3JCr1HXlXY1bAQHsCWCFwbcc1C73me5qAsF0UliEC9h5mZ Sh0kPbkRrI0bJA6Kcm0v =jK03 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For
Re: Help with overriding default cookie name
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Brian, On 4/21/15 3:21 PM, Brian Jones wrote: Chris, thanks for getting back to me! I'm trying to override the default cookie name (JSESSIONID) for one of my Tomcat7 instances. I put the following in $catalina_home/conf/context.xml: Context sessionCookieName=MyCookie That will change the session cookie name for all applications deployed on the server, and not just one web application. Is that what you wanted ? Yes, this is what I'm after. I'm working on an enterprise application which is comprised of over 70 webapps all working together. I need to change it for everything, as they all obey a single cookie. However, after restarting Tomcat, the setting isn't being applied; the cookie always remains as JSESSIONID rather than MyCookie. My environment is: tomcat 7.0.39, java 1.7.0_79, kubuntu 14.10. Can anyone shed some light on how/where $catalina_home/conf/context.xml is loaded? Or any ideas, suggestions, etc are appreciated. I would have expected what you did to work. Do you have a separate CATALINA_BASE as well as a CATALINA_HOME? If so, the CATALINA_BASE/conf/context.xml will *completely override* the one in CATALINA_HOME/conf/context.xml. I don't believe so, output from ./shutdown.sh: Using CATALINA_BASE: /opt/apache-tomcat-7.0.39 Using CATALINA_OWL: /opt/apache-tomcat-7.0.39 Using CATALINA_TMPDIR: /opt/apache-tomcat-7.0.39/temp Using JRE_HOME: /usr/lib/jvm/java-7-openjdk-amd64 Using CLASSPATH: /opt/apache-tomcat-7.0.39/bin/bootstrap.jar:/opt/apache-tomcat-7.0.39/ bin/tomcat-juli.jar It would probably be better to set the configuration in your web application's META-INF/context.xml file. Give that a try and see if it gives you the desired effect. The problem with doing this, is that as the application is open source, modifying each subtool's context.xml would fork me from the community. The only reason I'm trying to accomplish this, is because I have two versions of the application running in two different Tomcats; one is the community version, one is my institution's localized/modifyied version. I need to be able to run both simultaneously for comparison purposes. However, because both Tomcats/applications are using the same JSESSIONID as the cookie name, if I start a session on one Tomcat, it invalidates the session on the other. Anything else you can think of? Do you perhaps know how/where Tomcat is loading up the $catalina_home/conf/context.xml file? If that is known, I can perhaps modify (hack) it to point explicitly to the context.xml file that I have the sessionCookieName set. Sorry for the delayed response. I just wanted you to try to configure using META-INF/context.xml to see if that made the difference. That test will determine whether this is a bug in Tomcat (the feature doesn't work) or if Tomcat does not allow certain things to be overridden locally (e.g. the cookie name) and therefore this is an enhancement. I rather think that your expectations are reasonable, so assuming it's not a bug, I'm +1 for supporting site-wide cookie-name changes. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVQUq/AAoJEBzwKT+lPKRYYroP/Ao8Vdb2eL5ExJruAZdS/xKt dzd2pVn4UTFXc1Pl8j7ShmlnBgm9VK6ls8NyGQTtshsNjO0/NaYof6mrBgiwZdAU cnZci10Oz1er3qLHY5kBC1gnWajba3pg37hMPYWvwLTNvypnPwpCotBAnzHRbDDO rU+MoGwxyi54YgAF26ewC2WUd9dy8kbLZdBis3PfE+bVNt8Ao/iA+8u9vjFzOfRv nYaY0HxnV8VbiE54kLTdmbBQtfA3YpTyzxNZCEb5XP0AZvhQazqUQSmw773UBW2c p9ovKirJ1axahdMfqYQ12HWE7ajeiONU9Q3PatVjC5fy+/uNMiGKm77cq9gr6MGG JDe+PTcNNpsKVwyz+h5RzjnJALrW1GuUaxMb5NhgRMEHK6Vgo37lmkN2Db4f494Q WkFkdjV03+ylQ88M8M+s+ubDKNVmZ0WalJsQrhePa9Q3LjTD8W71jSe5IMJT2MwP 8SEP4o4MPORaH9BlJJVYHBVYHgfuFnhXV2zqaOKph1fTvuczKjuL9LXmOlpalNsv N0FPo/1X4NkMGf2tNAO1UzF5xc/FMSllH6wuFKC3cmTHvxaqwUdcZeV0vWxbIo1c HLwhCxCPaYDuA5xgIS3JCr1HXlXY1bAQHsCWCFwbcc1C73me5qAsF0UliEC9h5mZ Sh0kPbkRrI0bJA6Kcm0v =jK03 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Help with overriding default cookie name
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Brian, On 4/29/15 5:42 PM, Brian Jones wrote: Thanks for getting back to me. I did end up solving the problem, and it was not a bug or related in any way to what Tomcat is doing. It ended up being a (very buried) property setting of the application that is not documented anywhere. A lot of grep-ing lead me to the realization. After setting the property, Tomcat behaves as expected and obeys the application's desired cookie name. Those are always the most fun features (the undocumented ones). Thanks again for letting me bounce my ideas off you, much appreciated! No problem. Now you can focus on upgrading to Tomcat 8 ;) - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVQVOuAAoJEBzwKT+lPKRYbEwP/Auasoyu/I3L1tIcEwO8SxNr AzM9jUakad+RbvHDm6j7/0gptT330mPRA4m6QKrFEGrVzNBOplYeZg2czgFf2gSo keE5Yvwu80H1LpI0DHfmGyyn5k0GDJC1KWSeC4gRWLoWYIuNCpck4zvVOON0Pfa+ 5QyXPItMLGV/XfZaZF+aSyFestEHW69Ia6yWNDKukHNyZEe+XfeMZHSsPa00Jet5 ulOQ1HD+BNTc+omNKb/sExYSZoXJLBce4NBrTfc2GF8v62OsJRJM//C6dVV5kOuu WsGP/e7BR8zU1YketcUG4Y/CgTGVxwSMynYi3O24cHnEnEBxGaO8ddPr5w+TwYmp azer2a1xkz6ABTcswJTjZTA/EjAKVQheVkTOBWDafMXzhhmXTeWrpNo2UJbZeNrG z7lWK7ia0ed4gRa/2We5heNNLSB8lzlgbHdhqx1+E0HG+VVYB8/iy5ZK83tSVw3V l9u3T1pf91MzYglrJeQ5nI1e1bHbyOP0PEB3mwx2GFSDbRJRQCRu+7009u4Vmb+S s6TZBPTLw2LOZmgxLAcvw33HOSxPbxqFAkSr8nfjWc6rVnG+vAhfsAO0adLi6XR7 U2sx445t+Uu0BTwAYAyewsQTeQg/+e123n1XK7QHO1lTUwRYWcFEGRil2GRwJrAD jJiGct+Ky/2VQObhdCcs =jO9l -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Help with overriding default cookie name
Hello, I'm trying to override the default cookie name (JSESSIONID) for one of my Tomcat7 instances. I put the following in $catalina_home/conf/context.xml: Context sessionCookieName=MyCookie However, after restarting Tomcat, the setting isn't being applied; the cookie always remains as JSESSIONID rather than MyCookie. My environment is: tomcat 7.0.39, java 1.7.0_79, kubuntu 14.10. Can anyone shed some light on how/where $catalina_home/conf/context.xml is loaded? Or any ideas, suggestions, etc are appreciated. Cheers, Brian Jones Programmer/Analyst Information Technology Services Support Services Building, Suite 4300 Western University (519) 661-2111 x86969 bjone...@uwo.ca - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Help with overriding default cookie name
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Brian, On 4/21/15 1:14 PM, Brian Jones wrote: I'm trying to override the default cookie name (JSESSIONID) for one of my Tomcat7 instances. I put the following in $catalina_home/conf/context.xml: Context sessionCookieName=MyCookie That will change the session cookie name for all applications deployed on the server, and not just one web application. Is that what you wanted ? However, after restarting Tomcat, the setting isn't being applied; the cookie always remains as JSESSIONID rather than MyCookie. My environment is: tomcat 7.0.39, java 1.7.0_79, kubuntu 14.10. Can anyone shed some light on how/where $catalina_home/conf/context.xml is loaded? Or any ideas, suggestions, etc are appreciated. I would have expected what you did to work. Do you have a separate CATALINA_BASE as well as a CATALINA_HOME? If so, the CATALINA_BASE/conf/context.xml will *completely override* the one in CATALINA_HOME/conf/context.xml. It would probably be better to set the configuration in your web application's META-INF/context.xml file. Give that a try and see if it gives you the desired effect. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVNppOAAoJEBzwKT+lPKRYo+oP/1E4/xSTSBGjjVC7rZ9LEaQB d70saLAAZPVsR6MFo+v9qdBwaGrN6YYibHUlvgnADtaucuMEmCB9QQzlWeJcvHo5 IAiMDL1bUAr61iNYKgPn/XASUQUNKZ2ZHemWzsMhRF7dJDFylt1aIJk4Igeeyg96 TZ9cEONHdZYMfguH3A5jNkTDbL0YlTvGlDxR9S3qJ1fpTzQJ9Y4xwKwNh/SdxBuE VPR0dBrbFEPPnxF33v9gXKroPELWQgc/648qz119WNWNy5+x8SWe2MfcE7XTTPTD BJjj8UzxY17gWRs+s+OQydBM5xv8+UNm1oR21mjRglLiyQG5lLe9eeRi5JgoHM3I lQXmQX8bJdqBQN0VfxkWt9NxZAE+8XuYIwEYKQXCnfDYgkbL6N6ph5VV/RU7iL12 aJcoo7QtSTtVGmsB64HBJEt88v/WXnOIQ92ckfYtfgyefSWF7wqsVaAks6I5qUV9 5jjSYGzv2jl2AEhHiUv5vHTRo85z0Eq7DI1qtqLTFFNoaaNyYpvUlIfRgzWz0+AR 8/+zO7gPwOyhqUB+rVHehA3nIb9IsiXNUABw2gdcNwvziX1F1RfLbTUq9uTKfUNa G6cllAqoTZi/LUtn2HHK2oGh/HWYOpHM0VOlMmQ9m1mSgVTpJF1vF0Qto3WlGOEp FRZRlGreI9G5QfXUvS0X =/g1r -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Help with overriding default cookie name
Chris, thanks for getting back to me! I'm trying to override the default cookie name (JSESSIONID) for one of my Tomcat7 instances. I put the following in $catalina_home/conf/context.xml: Context sessionCookieName=MyCookie That will change the session cookie name for all applications deployed on the server, and not just one web application. Is that what you wanted ? Yes, this is what I'm after. I'm working on an enterprise application which is comprised of over 70 webapps all working together. I need to change it for everything, as they all obey a single cookie. However, after restarting Tomcat, the setting isn't being applied; the cookie always remains as JSESSIONID rather than MyCookie. My environment is: tomcat 7.0.39, java 1.7.0_79, kubuntu 14.10. Can anyone shed some light on how/where $catalina_home/conf/context.xml is loaded? Or any ideas, suggestions, etc are appreciated. I would have expected what you did to work. Do you have a separate CATALINA_BASE as well as a CATALINA_HOME? If so, the CATALINA_BASE/conf/context.xml will *completely override* the one in CATALINA_HOME/conf/context.xml. I don't believe so, output from ./shutdown.sh: Using CATALINA_BASE: /opt/apache-tomcat-7.0.39 Using CATALINA_OWL: /opt/apache-tomcat-7.0.39 Using CATALINA_TMPDIR: /opt/apache-tomcat-7.0.39/temp Using JRE_HOME:/usr/lib/jvm/java-7-openjdk-amd64 Using CLASSPATH: /opt/apache-tomcat-7.0.39/bin/bootstrap.jar:/opt/apache-tomcat-7.0.39/bin/tomcat-juli.jar It would probably be better to set the configuration in your web application's META-INF/context.xml file. Give that a try and see if it gives you the desired effect. The problem with doing this, is that as the application is open source, modifying each subtool's context.xml would fork me from the community. The only reason I'm trying to accomplish this, is because I have two versions of the application running in two different Tomcats; one is the community version, one is my institution's localized/modifyied version. I need to be able to run both simultaneously for comparison purposes. However, because both Tomcats/applications are using the same JSESSIONID as the cookie name, if I start a session on one Tomcat, it invalidates the session on the other. Anything else you can think of? Do you perhaps know how/where Tomcat is loading up the $catalina_home/conf/context.xml file? If that is known, I can perhaps modify (hack) it to point explicitly to the context.xml file that I have the sessionCookieName set. Thanks again, Brian - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
