-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pid,
Pid wrote: > Stefano Nichele wrote: >> Hi All, >> I have a strange (for me?) requirement for my application. >> Basically I have webapp A deployed in Tomcat A and webpp B deployed in >> Tomcat B. webappA is the "main" webapplication that provides the main >> web page to the the browser. That page contains an IFrame that points to >> webappB. >> >> Is there a way to have/use different JSESSIONID for the webapps ? I know >> the browser handles the cookies per hostname, is there a way to handle >> cookies per path (webapp) ? > > If you've actually deployed two separate webapps then the session ids > ought to be different. Session data is not portable between separate > webapps. The only exception would be for applications deployed "inside" one another's URI spaces. We used to have a situation where we had a ROOT webapp and another one deployed onto /foo (the original application has been deployed to ROOT, and we had to keep it there while deploying another one, too... it was silly and it's since been corrected). At any rate, we had weird problems with dual cookies being sent. The sessions wouldn't overlap, of course, but we had weirdness with the session being lost sometimes. It was combined with a third application that didn't use sessions at all and forwarded the requested session id behind the scenes back to the main application, and we could never tell which session id to use (because clients don't sent the "Path" along with the JSESSIONID cookie). Bottom line: beware deploying applications inside one another's URI spaces. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkl6GRwACgkQ9CaO5/Lv0PDBtgCaA8fNcBF3XAV9sThnhJN7pOml d90An1LWimWvYNleDg6ng0vYyLN5ollR =cHaH -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
