Re: session problems: www.blahblah.com versus blahblah.com
Hey Michael,
I look inside the tomcat source and find that we don't set the cookie
hostname attribute.
That means that the calling client/browser must made the hostname
handling. I also
thing the redirect way is currently right direction.
Peter
Paul Singleton schrieb:
Michael Teter wrote:
If my users come to blahblah.com, then go away, then return, they
get a new session id (for www.blahblah.com).
But if they come to www.blahblah.com, leave, and return (via link from
external site), they keep the same session.
I finally discovered that the browser (Firefox in this case) ends up
with two different session cookies - one for www.blahblah.com and one
for blahblah.com.
this behaviour seems reasonable to me...
What's the right thing to do to solve this?
it doesn't need solving, just accepting :-)
but assuming you want www.blahblah.com and blahblah.com
to behave (session-wise) like one domain, which they aren't,
you could redirect (client-side) from www.blahblah.com
(which IMHO is the redundant/obsolete/legacy domain) to
blahblah.com, which allocates sessions and dishes out cookies.
i.e. www.blahblah.com is a static site which just serves e.g.
html
head
title%= a.appTitle %: redirection page/title
meta http-equiv=refresh content=0;url=http://blahblah.com; /
/head
body onLoad=window.location.replace('http://blahblah.com')
!-- optional if you are not redirected... blurb --
/body
html
NB I haven't actually *tried* this :-)
Paul Singleton
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
I guess I was hoping there was some server-level redirect.
I'm not sure how I would put the meta redirect in all my pages. My
app is a complicated mess (my fault - my lack of skill).
The issue is that my users are clicking a PayPal Subscribe button,
which sends them off to PayPal. Part of the hidden information sent
to PayPal when the user clicks that button is the return path.
So if user comes to blahblah.com, clicks the Subscribe button it sends
them to PayPal with a return path of www.blahblah.com (because that's
what I'm telling PayPal to do.) I'm thinking now I can just look at
the URL they're at now and set my PayPal return path dynamically... If
they're here as blahblah.com, I make sure to tell the PayPal form that
the return path is blahblah.com. If www, then return to www...
Thanks for your suggestion though. I can even continue using PayPal's
encrypted buttons - I'll just make two buttons, one for www, and
theother for just blahblah, and display the appropriate button based
on current situation.
Still, I think I was hoping that somewhere in server.xml I could say
all requests for blahblah.com should be mapped to www.blahblah.com.
Thanks all.
On 8/16/05, Peter Rossbach [EMAIL PROTECTED] wrote:
Hey Michael,
I look inside the tomcat source and find that we don't set the cookie
hostname attribute.
That means that the calling client/browser must made the hostname
handling. I also
thing the redirect way is currently right direction.
Peter
Paul Singleton schrieb:
Michael Teter wrote:
If my users come to blahblah.com, then go away, then return, they
get a new session id (for www.blahblah.com).
But if they come to www.blahblah.com, leave, and return (via link from
external site), they keep the same session.
I finally discovered that the browser (Firefox in this case) ends up
with two different session cookies - one for www.blahblah.com and one
for blahblah.com.
this behaviour seems reasonable to me...
What's the right thing to do to solve this?
it doesn't need solving, just accepting :-)
but assuming you want www.blahblah.com and blahblah.com
to behave (session-wise) like one domain, which they aren't,
you could redirect (client-side) from www.blahblah.com
(which IMHO is the redundant/obsolete/legacy domain) to
blahblah.com, which allocates sessions and dishes out cookies.
i.e. www.blahblah.com is a static site which just serves e.g.
html
head
title%= a.appTitle %: redirection page/title
meta http-equiv=refresh content=0;url=http://blahblah.com; /
/head
body onLoad=window.location.replace('http://blahblah.com')
!-- optional if you are not redirected... blurb --
/body
html
NB I haven't actually *tried* this :-)
Paul Singleton
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: session problems: www.blahblah.com versus blahblah.com
I'm not sure if this is the only or best way but you could create virtual hosts
within your server.xml, one for each domain. Then obviously your code will only
exist in one of the domains and the other you can do the redirect stuff.
-Original Message-
From: Michael Teter [mailto:[EMAIL PROTECTED]
Sent: 16 August 2005 13:17
To: Tomcat Users List
Subject: Re: session problems: www.blahblah.com versus blahblah.com
I guess I was hoping there was some server-level redirect.
I'm not sure how I would put the meta redirect in all my pages. My
app is a complicated mess (my fault - my lack of skill).
The issue is that my users are clicking a PayPal Subscribe button,
which sends them off to PayPal. Part of the hidden information sent
to PayPal when the user clicks that button is the return path.
So if user comes to blahblah.com, clicks the Subscribe button it sends
them to PayPal with a return path of www.blahblah.com (because that's
what I'm telling PayPal to do.) I'm thinking now I can just look at
the URL they're at now and set my PayPal return path dynamically... If
they're here as blahblah.com, I make sure to tell the PayPal form that
the return path is blahblah.com. If www, then return to www...
Thanks for your suggestion though. I can even continue using PayPal's
encrypted buttons - I'll just make two buttons, one for www, and
theother for just blahblah, and display the appropriate button based
on current situation.
Still, I think I was hoping that somewhere in server.xml I could say
all requests for blahblah.com should be mapped to www.blahblah.com.
Thanks all.
On 8/16/05, Peter Rossbach [EMAIL PROTECTED] wrote:
Hey Michael,
I look inside the tomcat source and find that we don't set the cookie
hostname attribute.
That means that the calling client/browser must made the hostname
handling. I also
thing the redirect way is currently right direction.
Peter
Paul Singleton schrieb:
Michael Teter wrote:
If my users come to blahblah.com, then go away, then return, they
get a new session id (for www.blahblah.com).
But if they come to www.blahblah.com, leave, and return (via link from
external site), they keep the same session.
I finally discovered that the browser (Firefox in this case) ends up
with two different session cookies - one for www.blahblah.com and one
for blahblah.com.
this behaviour seems reasonable to me...
What's the right thing to do to solve this?
it doesn't need solving, just accepting :-)
but assuming you want www.blahblah.com and blahblah.com
to behave (session-wise) like one domain, which they aren't,
you could redirect (client-side) from www.blahblah.com
(which IMHO is the redundant/obsolete/legacy domain) to
blahblah.com, which allocates sessions and dishes out cookies.
i.e. www.blahblah.com is a static site which just serves e.g.
html
head
title%= a.appTitle %: redirection page/title
meta http-equiv=refresh content=0;url=http://blahblah.com; /
/head
body onLoad=window.location.replace('http://blahblah.com')
!-- optional if you are not redirected... blurb --
/body
html
NB I haven't actually *tried* this :-)
Paul Singleton
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
I would imagine the other way to do this is to implement a filter
looking for people trying to reach blahblah.com and returning a 302
redirect to www.blahblah.com. That would give them all the proper
cookie from the start and could be implemented accross all your webapp
resources at once.
--David
Michael Teter wrote:
I guess I was hoping there was some server-level redirect.
I'm not sure how I would put the meta redirect in all my pages. My
app is a complicated mess (my fault - my lack of skill).
The issue is that my users are clicking a PayPal Subscribe button,
which sends them off to PayPal. Part of the hidden information sent
to PayPal when the user clicks that button is the return path.
So if user comes to blahblah.com, clicks the Subscribe button it sends
them to PayPal with a return path of www.blahblah.com (because that's
what I'm telling PayPal to do.) I'm thinking now I can just look at
the URL they're at now and set my PayPal return path dynamically... If
they're here as blahblah.com, I make sure to tell the PayPal form that
the return path is blahblah.com. If www, then return to www...
Thanks for your suggestion though. I can even continue using PayPal's
encrypted buttons - I'll just make two buttons, one for www, and
theother for just blahblah, and display the appropriate button based
on current situation.
Still, I think I was hoping that somewhere in server.xml I could say
all requests for blahblah.com should be mapped to www.blahblah.com.
Thanks all.
On 8/16/05, Peter Rossbach [EMAIL PROTECTED] wrote:
Hey Michael,
I look inside the tomcat source and find that we don't set the cookie
hostname attribute.
That means that the calling client/browser must made the hostname
handling. I also
thing the redirect way is currently right direction.
Peter
Paul Singleton schrieb:
Michael Teter wrote:
If my users come to blahblah.com, then go away, then return, they
get a new session id (for www.blahblah.com).
But if they come to www.blahblah.com, leave, and return (via link from
external site), they keep the same session.
I finally discovered that the browser (Firefox in this case) ends up
with two different session cookies - one for www.blahblah.com and one
for blahblah.com.
this behaviour seems reasonable to me...
What's the right thing to do to solve this?
it doesn't need solving, just accepting :-)
but assuming you want www.blahblah.com and blahblah.com
to behave (session-wise) like one domain, which they aren't,
you could redirect (client-side) from www.blahblah.com
(which IMHO is the redundant/obsolete/legacy domain) to
blahblah.com, which allocates sessions and dishes out cookies.
i.e. www.blahblah.com is a static site which just serves e.g.
html
head
title%= a.appTitle %: redirection page/title
meta http-equiv=refresh content=0;url=http://blahblah.com; /
/head
body onLoad=window.location.replace('http://blahblah.com')
!-- optional if you are not redirected... blurb --
/body
html
NB I haven't actually *tried* this :-)
Paul Singleton
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
===
David Smith
Network Operations Supervisor
Department of Entomology
College of Agriculture Life Sciences
Cornell University
2132 Comstock Hall
Ithaca, NY 14853
Phone: 607.255.9571
Fax: 607.255.0939
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: session problems: www.blahblah.com versus blahblah.com
Ignore my last mail, this way is better.
Ta
Matt
-Original Message-
From: David Smith [mailto:[EMAIL PROTECTED]
Sent: 16 August 2005 13:42
To: Tomcat Users List
Subject: Re: session problems: www.blahblah.com versus blahblah.com
I would imagine the other way to do this is to implement a filter
looking for people trying to reach blahblah.com and returning a 302
redirect to www.blahblah.com. That would give them all the proper
cookie from the start and could be implemented accross all your webapp
resources at once.
--David
Michael Teter wrote:
I guess I was hoping there was some server-level redirect.
I'm not sure how I would put the meta redirect in all my pages. My
app is a complicated mess (my fault - my lack of skill).
The issue is that my users are clicking a PayPal Subscribe button,
which sends them off to PayPal. Part of the hidden information sent
to PayPal when the user clicks that button is the return path.
So if user comes to blahblah.com, clicks the Subscribe button it sends
them to PayPal with a return path of www.blahblah.com (because that's
what I'm telling PayPal to do.) I'm thinking now I can just look at
the URL they're at now and set my PayPal return path dynamically... If
they're here as blahblah.com, I make sure to tell the PayPal form that
the return path is blahblah.com. If www, then return to www...
Thanks for your suggestion though. I can even continue using PayPal's
encrypted buttons - I'll just make two buttons, one for www, and
theother for just blahblah, and display the appropriate button based
on current situation.
Still, I think I was hoping that somewhere in server.xml I could say
all requests for blahblah.com should be mapped to www.blahblah.com.
Thanks all.
On 8/16/05, Peter Rossbach [EMAIL PROTECTED] wrote:
Hey Michael,
I look inside the tomcat source and find that we don't set the cookie
hostname attribute.
That means that the calling client/browser must made the hostname
handling. I also
thing the redirect way is currently right direction.
Peter
Paul Singleton schrieb:
Michael Teter wrote:
If my users come to blahblah.com, then go away, then return, they
get a new session id (for www.blahblah.com).
But if they come to www.blahblah.com, leave, and return (via link from
external site), they keep the same session.
I finally discovered that the browser (Firefox in this case) ends up
with two different session cookies - one for www.blahblah.com and one
for blahblah.com.
this behaviour seems reasonable to me...
What's the right thing to do to solve this?
it doesn't need solving, just accepting :-)
but assuming you want www.blahblah.com and blahblah.com
to behave (session-wise) like one domain, which they aren't,
you could redirect (client-side) from www.blahblah.com
(which IMHO is the redundant/obsolete/legacy domain) to
blahblah.com, which allocates sessions and dishes out cookies.
i.e. www.blahblah.com is a static site which just serves e.g.
html
head
title%= a.appTitle %: redirection page/title
meta http-equiv=refresh content=0;url=http://blahblah.com; /
/head
body onLoad=window.location.replace('http://blahblah.com')
!-- optional if you are not redirected... blurb --
/body
html
NB I haven't actually *tried* this :-)
Paul Singleton
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
===
David Smith
Network Operations Supervisor
Department of Entomology
College of Agriculture Life Sciences
Cornell University
2132 Comstock Hall
Ithaca, NY 14853
Phone: 607.255.9571
Fax: 607.255.0939
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
Hmm, I thing a host alias at for your tomcat configuration was helpfull :-) Host name=blahblah.com Aliaswww.blahblah.com/Alias /Host Peter Michael Teter schrieb: Howdy. I'm having some problems with sessions. If my users come to blahblah.com, then go away, then return, they get a new session id (for www.blahblah.com). But if they come to www.blahblah.com, leave, and return (via link from external site), they keep the same session. I finally discovered that the browser (Firefox in this case) ends up with two different session cookies - one for www.blahblah.com and one for blahblah.com. What's the right thing to do to solve this? Thanks much. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
I tried that, but it's not working. I tried: Host name=blahblah.com Aliaswww.blahblah.com/Alias /Host and I also tried: Host name=www.blahblah.com Aliasblahblah.com/Alias /Host Both ways, I still got a session cookie associated with the name the user entered as the address. If the user then changed the address to www., it created a new session and session cookie (with the new name). On 8/15/05, Peter Rossbach [EMAIL PROTECTED] wrote: Hmm, I thing a host alias at for your tomcat configuration was helpfull :-) Host name=blahblah.com Aliaswww.blahblah.com/Alias /Host Peter Michael Teter schrieb: Howdy. I'm having some problems with sessions. If my users come to blahblah.com, then go away, then return, they get a new session id (for www.blahblah.com). But if they come to www.blahblah.com, leave, and return (via link from external site), they keep the same session. I finally discovered that the browser (Firefox in this case) ends up with two different session cookies - one for www.blahblah.com and one for blahblah.com. What's the right thing to do to solve this? Thanks much. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: session problems: www.blahblah.com versus blahblah.com
I'm not sure if there is a technical way to do this or not as it's the browser that saves the cookie based on the current URL. The way I would do this is to not allow the user to create a session in one of them in the first place. ie, if they browse to blahblah.com then just redirect them to www.blahblah.com so that whenever they are interacting with the webapp. Ta Matt -Original Message- From: Michael Teter [mailto:[EMAIL PROTECTED] Sent: 15 August 2005 21:05 To: Tomcat Users List Cc: [EMAIL PROTECTED] Subject: Re: session problems: www.blahblah.com versus blahblah.com I tried that, but it's not working. I tried: Host name=blahblah.com Aliaswww.blahblah.com/Alias /Host and I also tried: Host name=www.blahblah.com Aliasblahblah.com/Alias /Host Both ways, I still got a session cookie associated with the name the user entered as the address. If the user then changed the address to www., it created a new session and session cookie (with the new name). On 8/15/05, Peter Rossbach [EMAIL PROTECTED] wrote: Hmm, I thing a host alias at for your tomcat configuration was helpfull :-) Host name=blahblah.com Aliaswww.blahblah.com/Alias /Host Peter Michael Teter schrieb: Howdy. I'm having some problems with sessions. If my users come to blahblah.com, then go away, then return, they get a new session id (for www.blahblah.com). But if they come to www.blahblah.com, leave, and return (via link from external site), they keep the same session. I finally discovered that the browser (Firefox in this case) ends up with two different session cookies - one for www.blahblah.com and one for blahblah.com. What's the right thing to do to solve this? Thanks much. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
Great. I don't mean to be a bonehead, but what's the right way to redirect based on name? I'm not using Apache on the front, so I don't have the mod_rewrite (nor do I understand how to use it... yet). On 8/15/05, Dale, Matt [EMAIL PROTECTED] wrote: I'm not sure if there is a technical way to do this or not as it's the browser that saves the cookie based on the current URL. The way I would do this is to not allow the user to create a session in one of them in the first place. ie, if they browse to blahblah.com then just redirect them to www.blahblah.com so that whenever they are interacting with the webapp. Ta Matt -Original Message- From: Michael Teter [mailto:[EMAIL PROTECTED] Sent: 15 August 2005 21:05 To: Tomcat Users List Cc: [EMAIL PROTECTED] Subject: Re: session problems: www.blahblah.com versus blahblah.com I tried that, but it's not working. I tried: Host name=blahblah.com Aliaswww.blahblah.com/Alias /Host and I also tried: Host name=www.blahblah.com Aliasblahblah.com/Alias /Host Both ways, I still got a session cookie associated with the name the user entered as the address. If the user then changed the address to www., it created a new session and session cookie (with the new name). On 8/15/05, Peter Rossbach [EMAIL PROTECTED] wrote: Hmm, I thing a host alias at for your tomcat configuration was helpfull :-) Host name=blahblah.com Aliaswww.blahblah.com/Alias /Host Peter Michael Teter schrieb: Howdy. I'm having some problems with sessions. If my users come to blahblah.com, then go away, then return, they get a new session id (for www.blahblah.com). But if they come to www.blahblah.com, leave, and return (via link from external site), they keep the same session. I finally discovered that the browser (Firefox in this case) ends up with two different session cookies - one for www.blahblah.com and one for blahblah.com. What's the right thing to do to solve this? Thanks much. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session problems: www.blahblah.com versus blahblah.com
Michael Teter wrote:
If my users come to blahblah.com, then go away, then return, they
get a new session id (for www.blahblah.com).
But if they come to www.blahblah.com, leave, and return (via link from
external site), they keep the same session.
I finally discovered that the browser (Firefox in this case) ends up
with two different session cookies - one for www.blahblah.com and one
for blahblah.com.
this behaviour seems reasonable to me...
What's the right thing to do to solve this?
it doesn't need solving, just accepting :-)
but assuming you want www.blahblah.com and blahblah.com
to behave (session-wise) like one domain, which they aren't,
you could redirect (client-side) from www.blahblah.com
(which IMHO is the redundant/obsolete/legacy domain) to
blahblah.com, which allocates sessions and dishes out cookies.
i.e. www.blahblah.com is a static site which just serves e.g.
html
head
title%= a.appTitle %: redirection page/title
meta http-equiv=refresh content=0;url=http://blahblah.com; /
/head
body onLoad=window.location.replace('http://blahblah.com')
!-- optional if you are not redirected... blurb --
/body
html
NB I haven't actually *tried* this :-)
Paul Singleton
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.338 / Virus Database: 267.10.9/72 - Release Date: 14/Aug/2005
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
