If you've got a <Valve
className="org.apache.catalina.valves.RequestDumperValve"/> defined for the
<Engine/> node in server.xml for your Tomcat installation, you should be able
to see cookies being passed in HTTP requests:
======================================================
2005-02-02 10:30:39 RequestDumperValve[engine]: REQUEST URI
=/calendar/DownloadEvents
2005-02-02 10:30:39 RequestDumperValve[engine]: authType=null
2005-02-02 10:30:39 RequestDumperValve[engine]: characterEncoding=null
2005-02-02 10:30:39 RequestDumperValve[engine]:
cookie=n.gp.8c52f99421cdaa97=20050123
2005-02-02 10:30:39 RequestDumperValve[engine]:
cookie=n.gp.01a0d577f34f043b=20050319
2005-02-02 10:30:39 RequestDumperValve[engine]: header=accept=*/*
2005-02-02 10:30:39 RequestDumperValve[engine]: header=accept-language=en-us
2005-02-02 10:30:39 RequestDumperValve[engine]: header=accept-encoding=gzip,
deflate
: : :
2005-02-02 10:30:39 RequestDumperValve[engine]: requestedSessionId=null
2005-02-02 10:30:39 RequestDumperValve[engine]: scheme=http
2005-02-02 10:30:39 RequestDumperValve[engine]: serverName=sample.com
2005-02-02 10:30:39 RequestDumperValve[engine]: serverPort=80
2005-02-02 10:30:39 RequestDumperValve[engine]:
servletPath=/calendar/DownloadEvents
2005-02-02 10:30:39 RequestDumperValve[engine]: isSecure=false
======================================================
The cookies in the above sample are app-specific and not Tomcat session
cookies, but give the general idea.
You should also check the security settings/preferences of the browsers in
question as such settings can constrain the browser's use of cookies.
