session ids are, as per the spec, unique for each web application.if you're defining multiple hosts, then that would imply multiple web applications.
if you want to hack sessions to work for multiple subdomains then you'll need to hack more than just the single sign-on valve, i'd imagine.
p Jeremy Cowgar wrote:
Thank you very much for trying. I could not make it work either. It's a simple task, as you say, of simply making the cookie be attached to the domain name .localhost ... Oh well. I'll have to figure something out.Thanks again, Jeremy On Apr 22, 2007, at 7:42 AM, Johnny Kewl wrote:Hi Jeremy... Decided to give it a quick try... Attached a WAR file that includes the source code of the test....Unfortunately it does not seem to work.... the tomcat session management doesnt seem to be able to track session ID's across domain names... or multiple hosts, and seems to ignore domain names set in the valve...In the tests I used domains like this test1.localhost.org..... to test hosts.... and even tried this.... and mapped all domains to the ip in the hosts file... also didnt work...<Host name="127.0.0.1" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Valve className="org.apache.catalina.authenticator.SingleSignOn"/> </Host> I dont think it can do it...I'm out of ideas... sorry... your question still remains open.... think we going to need the help of the guru that wrote the "single sign on" module...---- Original Message ----- From: "Jeremy Cowgar" <[EMAIL PROTECTED]> To: "Tomcat Users List" <users@tomcat.apache.org> Sent: Saturday, April 21, 2007 5:50 PM Subject: Re: Session across multiple hosts?Unfortunately that did not work. The cookie still got set as domain.com, not .domain.comI have in server.xml: <Engine name="Catalina" defaultHost="localhost"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"><Valve className="org.apache.catalina.authenticator.SingleSignOn"cookieDomain=".localhost"/> </Host> </Engine>Now, this is still in development, thus the localhost, and I've defined many other "hostnames" in my hosts file, like host1.localhost, host2.localhost, host3.localhost. My app is working great and responding to those correctly, but the cookie is being set as localhost, not .localhost.Jeremy On Apr 21, 2007, at 11:30 AM, Johnny Kewl wrote:So.... if you want to get the browser to treat the 2 domain names the same.... you have to SOMEHOW set the domain in that JSession cookie. Tomcat will automatically set it to abc.domain.com and def.domain.com.....but you need to make it set BOTH machines to ".domain.com". < Valve className="org.apache.catalina.authenticator.SingleSignOn" cookieDomain=".domain.com" />Greetings!I have domain.com and my app uses hosts under that domain, like abc.domain.com, def.domain.com... When the user logs in, the session is valid only on domain.com... How can I make that session also valid under the other hostnames?--------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]--------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]--------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature
