ers@tomcat.apache.org>
>> Subject: Re: Multiple JSESSIONID cookies being presented.
>>
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256
>>
>> Jeffrey,
>>
>> On 9/10/15 12:26 PM, Jeffrey Janner wrote:
>>> Thanks for all the help guys. I think I'v
> -Original Message-
> From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
> Sent: Thursday, September 10, 2015 12:01 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: RE: Multiple JSESSIONID cookies being presented.
>
> > From: Jeff
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Thursday, September 10, 2015 2:24 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Multiple JSESSIONID cookies being presented.
>
> -BEGIN PGP
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Wednesday, September 09, 2015 1:50 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Multiple JSESSIONID cookies being presented.
>
> -BEGIN PGP
> From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com]
> Subject: RE: Multiple JSESSIONID cookies being presented.
> I checked the error.jsp file and it does have session=true set, and if the
> icon file
> is missing, the error.jsp is definitely being sent.
>
n" reference will be non-null.
That will allow you to use session information in error.jsp if a
session already exists, but not create a superfluous session when one
does not (yet) exist.
Back to Tomcat's session management: Tomcat *can* handle this
situation properly: it will try all JSESSION
> -Original Message-
> From: Igor Cicimov [mailto:icici...@gmail.com]
> Sent: Tuesday, September 08, 2015 10:09 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: RE: Multiple JSESSIONID cookies being presented.
>
> On 09/09/2015 7:13 AM, &q
> -Original Message-
> From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com]
> Sent: Tuesday, September 08, 2015 4:58 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: RE: Multiple JSESSIONID cookies being presented.
>
> > From: Jose
ers@tomcat.apache.org>
>> Subject: RE: Multiple JSESSIONID cookies being presented.
>>
>>> From: Jose María Zaragoza [mailto:demablo...@gmail.com]
>>> Subject: Re: Multiple JSESSIONID cookies being presented.
>>
>>>> Thanks for the clarification of what
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jeffrey,
On 9/4/15 4:40 PM, Jeffrey Janner wrote:
> I'm surprised that Tomcat would use the "wrong" session id for
> URL-rewriting when presenting the login screen. Are you saying
> that, when showing the login page for /APP2, Tomcat will:
>
> a.
che.org>
>> Subject: RE: Multiple JSESSIONID cookies being presented.
>>
>> > From: Jose María Zaragoza [mailto:demablo...@gmail.com]
>> > Subject: Re: Multiple JSESSIONID cookies being presented.
>>
>> > > Thanks for the clarification of what's supposed
> -Original Message-
> From: Jose María Zaragoza [mailto:demablo...@gmail.com]
> Sent: Tuesday, September 08, 2015 9:22 AM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Multiple JSESSIONID cookies being presented.
>
> 2015-09-08 15:
> From: Jose María Zaragoza [mailto:demablo...@gmail.com]
> Subject: Re: Multiple JSESSIONID cookies being presented.
> > Thanks for the clarification of what's supposed to happen on receipt, Jose.
> > However, I am describing what happens on first contact from the client
> -Original Message-
> From: Jose María Zaragoza [mailto:demablo...@gmail.com]
> Sent: Tuesday, September 08, 2015 9:08 AM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Multiple JSESSIONID cookies being presented.
>
> 2015-09-08 15:
2015-09-08 22:57 GMT+02:00 Jeffrey Janner <jeffrey.jan...@polydyne.com>:
>> -Original Message-
>> From: Jose María Zaragoza [mailto:demablo...@gmail.com]
>> Sent: Tuesday, September 08, 2015 9:08 AM
>> To: Tomcat Users List <users@tomcat.apache.org>
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Friday, September 04, 2015 12:46 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Multiple JSESSIONID cookies being presented.
>
> -BEGIN PGP
2015-09-08 15:51 GMT+02:00 Jeffrey Janner <jeffrey.jan...@polydyne.com>:
>> -Original Message-
>> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
>> Sent: Friday, September 04, 2015 12:46 PM
>> To: Tomcat Users List <users@tomcat.apa
2015-09-08 15:51 GMT+02:00 Jeffrey Janner <jeffrey.jan...@polydyne.com>:
>> -Original Message-
>> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
>> Sent: Friday, September 04, 2015 12:46 PM
>> To: Tomcat Users List <users@tomcat.apa
stopherschultz.net]
> > >> Sent: Friday, September 04, 2015 12:46 PM
> > >> To: Tomcat Users List <users@tomcat.apache.org>
> > >> Subject: Re: Multiple JSESSIONID cookies being presented.
> > >>
> > >> -BEGIN PGP SIGNED MESSAGE-
Hi folks,
I'm running Tomcat 8.0.24 on Ubuntu 14.04 with Java 8u45, but I'm also seeing
this on Windows (version doesn't matter), with Tomcat 7.0.57 and Java 7u71, and
Tomcat 6.0.43 and Java 7U51.
I have 2 contexts installed in Tomcat, one is ROOT, the other APP2. Both
contexts start off at a
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Friday, September 04, 2015 12:46 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Multiple JSESSIONID cookies being presented.
>
> -BEGIN PGP
ers@tomcat.apache.org>
>> Subject: Re: Multiple JSESSIONID cookies being presented.
>>
> Jeffrey,
>
> On 9/4/15 12:37 PM, Jeffrey Janner wrote:
>>>> I'm running Tomcat 8.0.24 on Ubuntu 14.04 with Java 8u45, but
>>>> I'm also seeing this on Windows (versi
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Friday, September 04, 2015 2:55 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Multiple JSESSIONID cookies being presented.
>
> -BEGIN PGP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jeffrey,
On 9/4/15 12:37 PM, Jeffrey Janner wrote:
> I'm running Tomcat 8.0.24 on Ubuntu 14.04 with Java 8u45, but I'm
> also seeing this on Windows (version doesn't matter), with Tomcat
> 7.0.57 and Java 7u71, and Tomcat 6.0.43 and Java 7U51.
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jose,
On 3/1/13 2:46 PM, Jose María Zaragoza wrote:
I wonder why browsers don't send only one JSESSIONID If I request
an URL as www.mydomain.com/app/myapplication/action.do and it has
got 2 cookies with the same name, one for www.mydomain.com/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Nick,
On 3/1/13 2:58 PM, Nick Williams wrote:
Browsers send all of the cookies because that's the compliant thing
to do. RFC-2109 [1] says:
If multiple cookies satisfy the criteria above, they are ordered
in the Cookie header such that those
The moral of the story is that nested URL spaces is a bad idea where
sessions are concerned. We easily fixed that problem by moving the
/-mounted webapp to a unique URL prefix (which wasn't trivial, since
we had inter-webapp links, etc.) but it solved all of those weird
problems.
Thanks.
But
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jose,
On 3/2/13 2:25 PM, Jose María Zaragoza wrote:
The moral of the story is that nested URL spaces is a bad idea
where sessions are concerned. We easily fixed that problem by
moving the /-mounted webapp to a unique URL prefix (which wasn't
and regards
2013/2/28 Caldarale, Charles R chuck.caldar...@unisys.com:
From: Nick Williams [mailto:nicho...@nicholaswilliams.net]
Subject: Re: Multiple JSESSIONID
That's interesting. I would recommend a servlet filter that captures
addCookie and friends to see where that extra one is being added
happen ? or is it created a
new session with a new identifier ?
Thanks and regards
2013/2/28 Caldarale, Charles R chuck.caldar...@unisys.com:
From: Nick Williams [mailto:nicho...@nicholaswilliams.net]
Subject: Re: Multiple JSESSIONID
That's interesting. I would recommend a servlet filter
?
Thanks and regards
2013/2/28 Caldarale, Charles R chuck.caldar...@unisys.com:
From: Nick Williams [mailto:nicho...@nicholaswilliams.net]
Subject: Re: Multiple JSESSIONID
That's interesting. I would recommend a servlet filter that captures
addCookie and friends to see where that extra one
2013/3/1 Nick Williams nicho...@nicholaswilliams.net:
APOLOGIES FOR TOP POSTING! (see below, were I correctly inline post this
apology)
On Mar 1, 2013, at 1:58 PM, Nick Williams wrote:
Browsers send all of the cookies because that's the compliant thing to do.
RFC-2109 [1] says:
If
- Original Message -
From: Jose María Zaragoza demablo...@gmail.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Thursday, February 28, 2013 11:43 PM
Subject: Multiple JSESSIONID
Hello:
We're using Tomcat 6.0.24 as servlet container
This server listens for requests under
Hello:
We're using Tomcat 6.0.24 as servlet container
This server listens for requests under the URL
www.mydomain.com/app/myaplication/
I've seen in my web browser that it has got 2 JSESSIONID for the same
domain at the same time
JSESSIONID: x
www.mydomain.com
/
and
JSESSIONID:
where that extra one is being added.
How does Tomcat server handle this situation ? I'm talking about
session managing Does it read the first JSESSIONID ? Does it read
every JSESSIONID ? Can this cause problems ?
Tomcat will read session ids until it finds one that is valid: having
multiple
? I'm talking about
session managing Does it read the first JSESSIONID ? Does it read
every JSESSIONID ? Can this cause problems ?
Tomcat will read session ids until it finds one that is valid: having
multiple JSESSIONID cookies is not a problem unless *both* are valid
for some reason
From: Nick Williams [mailto:nicho...@nicholaswilliams.net]
Subject: Re: Multiple JSESSIONID
That's interesting. I would recommend a servlet filter that captures
addCookie and friends to see where that extra one is being added.
The two JSESSIONIDs immediately above are in the request, so
37 matches
Mail list logo
