RE: session problems: www.blahblah.com versus blahblah.com
Ignore my last mail, this way is better. Ta Matt -Original Message- From: David Smith [mailto:[EMAIL PROTECTED] Sent: 16 August 2005 13:42 To: Tomcat Users List Subject: Re: session problems: www.blahblah.com versus blahblah.com I would imagine the other way to do this is to implement a filter looking for people trying to reach blahblah.com and returning a 302 redirect to www.blahblah.com. That would give them all the proper cookie from the start and could be implemented accross all your webapp resources at once. --David Michael Teter wrote: >I guess I was hoping there was some server-level redirect. > >I'm not sure how I would put the meta redirect in all my pages. My >app is a complicated mess (my fault - my lack of skill). > >The issue is that my users are clicking a PayPal "Subscribe" button, >which sends them off to PayPal. Part of the hidden information sent >to PayPal when the user clicks that button is the return path. > >So if user comes to blahblah.com, clicks the Subscribe button it sends >them to PayPal with a return path of www.blahblah.com (because that's >what I'm telling PayPal to do.) I'm thinking now I can just look at >the URL they're at now and set my PayPal return path dynamically... If >they're here as blahblah.com, I make sure to tell the PayPal form that >the return path is blahblah.com. If www, then return to www... > >Thanks for your suggestion though. I can even continue using PayPal's >encrypted buttons - I'll just make two buttons, one for www, and >theother for just blahblah, and display the appropriate button based >on current situation. > >Still, I think I was hoping that somewhere in server.xml I could say >"all requests for blahblah.com should be mapped to www.blahblah.com." > >Thanks all. > >On 8/16/05, Peter Rossbach <[EMAIL PROTECTED]> wrote: > > >>Hey Michael, >> >>I look inside the tomcat source and find that we don't set the cookie >>hostname attribute. >>That means that the calling client/browser must made the hostname >>handling. I also >>thing the redirect way is currently right direction. >> >>Peter >> >>Paul Singleton schrieb: >> >> >> >>>Michael Teter wrote: >>> >>> >>> >>>>If my users come to "blahblah.com", then go away, then return, they >>>>get a new session id (for www.blahblah.com). >>>> >>>>But if they come to www.blahblah.com, leave, and return (via link from >>>>external site), they keep the same session. >>>> >>>>I finally discovered that the browser (Firefox in this case) ends up >>>>with two different session cookies - one for www.blahblah.com and one >>>>for blahblah.com. >>>> >>>> >>>this behaviour seems reasonable to me... >>> >>> >>> >>>>What's the right thing to do to solve this? >>>> >>>> >>>it doesn't need solving, just accepting :-) >>> >>>but assuming you want www.blahblah.com and blahblah.com >>>to behave (session-wise) like one domain, which they aren't, >>>you could redirect (client-side) from www.blahblah.com >>>(which IMHO is the redundant/obsolete/legacy domain) to >>>blahblah.com, which allocates sessions and dishes out cookies. >>> >>>i.e. www.blahblah.com is a static site which just serves e.g. >>> >>> >>> >>><%= a.appTitle %>: redirection page >>>http://blahblah.com"; /> >>> >>> http://blahblah.com')"> >>> >>> >>> >>> >>>NB I haven't actually *tried* this :-) >>> >>>Paul Singleton >>> >>> >>> >>> >> >> >>- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> > >- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > > -- === David Smith Network Operations Supervisor Department of Entomology College of Agriculture & Life Sciences Cornell University 2132 Comstock Hall Ithaca, NY 14853 Phone: 607.255.9571 Fax: 607.255.0939 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
I would imagine the other way to do this is to implement a filter looking for people trying to reach blahblah.com and returning a 302 redirect to www.blahblah.com. That would give them all the proper cookie from the start and could be implemented accross all your webapp resources at once. --David Michael Teter wrote: >I guess I was hoping there was some server-level redirect. > >I'm not sure how I would put the meta redirect in all my pages. My >app is a complicated mess (my fault - my lack of skill). > >The issue is that my users are clicking a PayPal "Subscribe" button, >which sends them off to PayPal. Part of the hidden information sent >to PayPal when the user clicks that button is the return path. > >So if user comes to blahblah.com, clicks the Subscribe button it sends >them to PayPal with a return path of www.blahblah.com (because that's >what I'm telling PayPal to do.) I'm thinking now I can just look at >the URL they're at now and set my PayPal return path dynamically... If >they're here as blahblah.com, I make sure to tell the PayPal form that >the return path is blahblah.com. If www, then return to www... > >Thanks for your suggestion though. I can even continue using PayPal's >encrypted buttons - I'll just make two buttons, one for www, and >theother for just blahblah, and display the appropriate button based >on current situation. > >Still, I think I was hoping that somewhere in server.xml I could say >"all requests for blahblah.com should be mapped to www.blahblah.com." > >Thanks all. > >On 8/16/05, Peter Rossbach <[EMAIL PROTECTED]> wrote: > > >>Hey Michael, >> >>I look inside the tomcat source and find that we don't set the cookie >>hostname attribute. >>That means that the calling client/browser must made the hostname >>handling. I also >>thing the redirect way is currently right direction. >> >>Peter >> >>Paul Singleton schrieb: >> >> >> >>>Michael Teter wrote: >>> >>> >>> If my users come to "blahblah.com", then go away, then return, they get a new session id (for www.blahblah.com). But if they come to www.blahblah.com, leave, and return (via link from external site), they keep the same session. I finally discovered that the browser (Firefox in this case) ends up with two different session cookies - one for www.blahblah.com and one for blahblah.com. >>>this behaviour seems reasonable to me... >>> >>> >>> What's the right thing to do to solve this? >>>it doesn't need solving, just accepting :-) >>> >>>but assuming you want www.blahblah.com and blahblah.com >>>to behave (session-wise) like one domain, which they aren't, >>>you could redirect (client-side) from www.blahblah.com >>>(which IMHO is the redundant/obsolete/legacy domain) to >>>blahblah.com, which allocates sessions and dishes out cookies. >>> >>>i.e. www.blahblah.com is a static site which just serves e.g. >>> >>> >>> >>><%= a.appTitle %>: redirection page >>>http://blahblah.com"; /> >>> >>> http://blahblah.com')"> >>> >>> >>> >>> >>>NB I haven't actually *tried* this :-) >>> >>>Paul Singleton >>> >>> >>> >>> >> >> >>- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> > >- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > > -- === David Smith Network Operations Supervisor Department of Entomology College of Agriculture & Life Sciences Cornell University 2132 Comstock Hall Ithaca, NY 14853 Phone: 607.255.9571 Fax: 607.255.0939 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: session problems: www.blahblah.com versus blahblah.com
I'm not sure if this is the only or best way but you could create virtual hosts within your server.xml, one for each domain. Then obviously your code will only exist in one of the domains and the other you can do the redirect stuff. -Original Message- From: Michael Teter [mailto:[EMAIL PROTECTED] Sent: 16 August 2005 13:17 To: Tomcat Users List Subject: Re: session problems: www.blahblah.com versus blahblah.com I guess I was hoping there was some server-level redirect. I'm not sure how I would put the meta redirect in all my pages. My app is a complicated mess (my fault - my lack of skill). The issue is that my users are clicking a PayPal "Subscribe" button, which sends them off to PayPal. Part of the hidden information sent to PayPal when the user clicks that button is the return path. So if user comes to blahblah.com, clicks the Subscribe button it sends them to PayPal with a return path of www.blahblah.com (because that's what I'm telling PayPal to do.) I'm thinking now I can just look at the URL they're at now and set my PayPal return path dynamically... If they're here as blahblah.com, I make sure to tell the PayPal form that the return path is blahblah.com. If www, then return to www... Thanks for your suggestion though. I can even continue using PayPal's encrypted buttons - I'll just make two buttons, one for www, and theother for just blahblah, and display the appropriate button based on current situation. Still, I think I was hoping that somewhere in server.xml I could say "all requests for blahblah.com should be mapped to www.blahblah.com." Thanks all. On 8/16/05, Peter Rossbach <[EMAIL PROTECTED]> wrote: > Hey Michael, > > I look inside the tomcat source and find that we don't set the cookie > hostname attribute. > That means that the calling client/browser must made the hostname > handling. I also > thing the redirect way is currently right direction. > > Peter > > Paul Singleton schrieb: > > > Michael Teter wrote: > > > >> If my users come to "blahblah.com", then go away, then return, they > >> get a new session id (for www.blahblah.com). > >> > >> But if they come to www.blahblah.com, leave, and return (via link from > >> external site), they keep the same session. > >> > >> I finally discovered that the browser (Firefox in this case) ends up > >> with two different session cookies - one for www.blahblah.com and one > >> for blahblah.com. > > > > > > this behaviour seems reasonable to me... > > > >> What's the right thing to do to solve this? > > > > > > it doesn't need solving, just accepting :-) > > > > but assuming you want www.blahblah.com and blahblah.com > > to behave (session-wise) like one domain, which they aren't, > > you could redirect (client-side) from www.blahblah.com > > (which IMHO is the redundant/obsolete/legacy domain) to > > blahblah.com, which allocates sessions and dishes out cookies. > > > > i.e. www.blahblah.com is a static site which just serves e.g. > > > > > > > > <%= a.appTitle %>: redirection page > > http://blahblah.com"; /> > > > > http://blahblah.com')"> > > > > > > > > > > NB I haven't actually *tried* this :-) > > > > Paul Singleton > > > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
I guess I was hoping there was some server-level redirect. I'm not sure how I would put the meta redirect in all my pages. My app is a complicated mess (my fault - my lack of skill). The issue is that my users are clicking a PayPal "Subscribe" button, which sends them off to PayPal. Part of the hidden information sent to PayPal when the user clicks that button is the return path. So if user comes to blahblah.com, clicks the Subscribe button it sends them to PayPal with a return path of www.blahblah.com (because that's what I'm telling PayPal to do.) I'm thinking now I can just look at the URL they're at now and set my PayPal return path dynamically... If they're here as blahblah.com, I make sure to tell the PayPal form that the return path is blahblah.com. If www, then return to www... Thanks for your suggestion though. I can even continue using PayPal's encrypted buttons - I'll just make two buttons, one for www, and theother for just blahblah, and display the appropriate button based on current situation. Still, I think I was hoping that somewhere in server.xml I could say "all requests for blahblah.com should be mapped to www.blahblah.com." Thanks all. On 8/16/05, Peter Rossbach <[EMAIL PROTECTED]> wrote: > Hey Michael, > > I look inside the tomcat source and find that we don't set the cookie > hostname attribute. > That means that the calling client/browser must made the hostname > handling. I also > thing the redirect way is currently right direction. > > Peter > > Paul Singleton schrieb: > > > Michael Teter wrote: > > > >> If my users come to "blahblah.com", then go away, then return, they > >> get a new session id (for www.blahblah.com). > >> > >> But if they come to www.blahblah.com, leave, and return (via link from > >> external site), they keep the same session. > >> > >> I finally discovered that the browser (Firefox in this case) ends up > >> with two different session cookies - one for www.blahblah.com and one > >> for blahblah.com. > > > > > > this behaviour seems reasonable to me... > > > >> What's the right thing to do to solve this? > > > > > > it doesn't need solving, just accepting :-) > > > > but assuming you want www.blahblah.com and blahblah.com > > to behave (session-wise) like one domain, which they aren't, > > you could redirect (client-side) from www.blahblah.com > > (which IMHO is the redundant/obsolete/legacy domain) to > > blahblah.com, which allocates sessions and dishes out cookies. > > > > i.e. www.blahblah.com is a static site which just serves e.g. > > > > > > > > <%= a.appTitle %>: redirection page > > http://blahblah.com"; /> > > > > http://blahblah.com')"> > > > > > > > > > > NB I haven't actually *tried* this :-) > > > > Paul Singleton > > > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
Hey Michael, I look inside the tomcat source and find that we don't set the cookie hostname attribute. That means that the calling client/browser must made the hostname handling. I also thing the redirect way is currently right direction. Peter Paul Singleton schrieb: Michael Teter wrote: If my users come to "blahblah.com", then go away, then return, they get a new session id (for www.blahblah.com). But if they come to www.blahblah.com, leave, and return (via link from external site), they keep the same session. I finally discovered that the browser (Firefox in this case) ends up with two different session cookies - one for www.blahblah.com and one for blahblah.com. this behaviour seems reasonable to me... What's the right thing to do to solve this? it doesn't need solving, just accepting :-) but assuming you want www.blahblah.com and blahblah.com to behave (session-wise) like one domain, which they aren't, you could redirect (client-side) from www.blahblah.com (which IMHO is the redundant/obsolete/legacy domain) to blahblah.com, which allocates sessions and dishes out cookies. i.e. www.blahblah.com is a static site which just serves e.g. <%= a.appTitle %>: redirection page http://blahblah.com"; /> http://blahblah.com')"> NB I haven't actually *tried* this :-) Paul Singleton - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
Michael Teter wrote: If my users come to "blahblah.com", then go away, then return, they get a new session id (for www.blahblah.com). But if they come to www.blahblah.com, leave, and return (via link from external site), they keep the same session. I finally discovered that the browser (Firefox in this case) ends up with two different session cookies - one for www.blahblah.com and one for blahblah.com. this behaviour seems reasonable to me... What's the right thing to do to solve this? it doesn't need solving, just accepting :-) but assuming you want www.blahblah.com and blahblah.com to behave (session-wise) like one domain, which they aren't, you could redirect (client-side) from www.blahblah.com (which IMHO is the redundant/obsolete/legacy domain) to blahblah.com, which allocates sessions and dishes out cookies. i.e. www.blahblah.com is a static site which just serves e.g. <%= a.appTitle %>: redirection page http://blahblah.com"; /> http://blahblah.com')"> NB I haven't actually *tried* this :-) Paul Singleton -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.338 / Virus Database: 267.10.9/72 - Release Date: 14/Aug/2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
Great. I don't mean to be a bonehead, but what's the right way to redirect based on name? I'm not using Apache on the front, so I don't have the mod_rewrite (nor do I understand how to use it... yet). On 8/15/05, Dale, Matt <[EMAIL PROTECTED]> wrote: > > I'm not sure if there is a technical way to do this or not as it's the > browser that saves the cookie based on the current URL. > > The way I would do this is to not allow the user to create a session in one > of them in the first place. ie, if they browse to blahblah.com then just > redirect them to www.blahblah.com so that whenever they are interacting with > the webapp. > > Ta > Matt > > -Original Message- > From: Michael Teter [mailto:[EMAIL PROTECTED] > Sent: 15 August 2005 21:05 > To: Tomcat Users List > Cc: [EMAIL PROTECTED] > Subject: Re: session problems: www.blahblah.com versus blahblah.com > > > I tried that, but it's not working. > > I tried: > > www.blahblah.com > > > and I also tried: > > blahblah.com > > > Both ways, I still got a session cookie associated with the name the > user entered as the address. If the user then changed the address to > www., it created a new session and session cookie (with the new name). > > On 8/15/05, Peter Rossbach <[EMAIL PROTECTED]> wrote: > > Hmm, > > > > I thing a host alias at for your tomcat configuration was helpfull :-) > > > > > > www.blahblah.com > > > > > > > > Peter > > > > Michael Teter schrieb: > > > > >Howdy. > > > > > >I'm having some problems with sessions. > > > > > >If my users come to "blahblah.com", then go away, then return, they > > >get a new session id (for www.blahblah.com). > > > > > >But if they come to www.blahblah.com, leave, and return (via link from > > >external site), they keep the same session. > > > > > >I finally discovered that the browser (Firefox in this case) ends up > > >with two different session cookies - one for www.blahblah.com and one > > >for blahblah.com. > > > > > >What's the right thing to do to solve this? > > > > > >Thanks much. > > > > > >- > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: session problems: www.blahblah.com versus blahblah.com
I'm not sure if there is a technical way to do this or not as it's the browser that saves the cookie based on the current URL. The way I would do this is to not allow the user to create a session in one of them in the first place. ie, if they browse to blahblah.com then just redirect them to www.blahblah.com so that whenever they are interacting with the webapp. Ta Matt -Original Message- From: Michael Teter [mailto:[EMAIL PROTECTED] Sent: 15 August 2005 21:05 To: Tomcat Users List Cc: [EMAIL PROTECTED] Subject: Re: session problems: www.blahblah.com versus blahblah.com I tried that, but it's not working. I tried: www.blahblah.com and I also tried: blahblah.com Both ways, I still got a session cookie associated with the name the user entered as the address. If the user then changed the address to www., it created a new session and session cookie (with the new name). On 8/15/05, Peter Rossbach <[EMAIL PROTECTED]> wrote: > Hmm, > > I thing a host alias at for your tomcat configuration was helpfull :-) > > > www.blahblah.com > > > > Peter > > Michael Teter schrieb: > > >Howdy. > > > >I'm having some problems with sessions. > > > >If my users come to "blahblah.com", then go away, then return, they > >get a new session id (for www.blahblah.com). > > > >But if they come to www.blahblah.com, leave, and return (via link from > >external site), they keep the same session. > > > >I finally discovered that the browser (Firefox in this case) ends up > >with two different session cookies - one for www.blahblah.com and one > >for blahblah.com. > > > >What's the right thing to do to solve this? > > > >Thanks much. > > > >- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
I tried that, but it's not working. I tried: www.blahblah.com and I also tried: blahblah.com Both ways, I still got a session cookie associated with the name the user entered as the address. If the user then changed the address to www., it created a new session and session cookie (with the new name). On 8/15/05, Peter Rossbach <[EMAIL PROTECTED]> wrote: > Hmm, > > I thing a host alias at for your tomcat configuration was helpfull :-) > > > www.blahblah.com > > > > Peter > > Michael Teter schrieb: > > >Howdy. > > > >I'm having some problems with sessions. > > > >If my users come to "blahblah.com", then go away, then return, they > >get a new session id (for www.blahblah.com). > > > >But if they come to www.blahblah.com, leave, and return (via link from > >external site), they keep the same session. > > > >I finally discovered that the browser (Firefox in this case) ends up > >with two different session cookies - one for www.blahblah.com and one > >for blahblah.com. > > > >What's the right thing to do to solve this? > > > >Thanks much. > > > >- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
Hmm, I thing a host alias at for your tomcat configuration was helpfull :-) www.blahblah.com Peter Michael Teter schrieb: Howdy. I'm having some problems with sessions. If my users come to "blahblah.com", then go away, then return, they get a new session id (for www.blahblah.com). But if they come to www.blahblah.com, leave, and return (via link from external site), they keep the same session. I finally discovered that the browser (Firefox in this case) ends up with two different session cookies - one for www.blahblah.com and one for blahblah.com. What's the right thing to do to solve this? Thanks much. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
