5 Replies Latest reply on May 21, 2009 5:31 AM by c.h.

    Cross Context Sessions and Cookies

    mwringe

      In 2.1.1.CR6, a change was made that makes the cookie path equal the context path instead of '/'.

      2.1.1.CR5:

       protected void configureSessionCookie(Cookie cookie) {
       cookie.setMaxAge(-1);
       cookie.setPath("/");
       ...
      


      2.1.1.CR6:
       protected void configureSessionCookie(TomcatCookie cookie) {
       cookie.setMaxAge(-1);
       if (context.getSessionCookie().getPath() != null) {
       cookie.setPath(context.getSessionCookie().getPath());
       } else {
       String contextPath = context.getEncodedPath();
       if ("".equals(contextPath)) {
       contextPath = "/";
       }
       cookie.setPath(contextPath);
       }
       ...
      


      This has the affect of making cross context cookies fail.
      The server.xml file for the jbossweb.sar has crossContext="true" (set to true by default because portals require it) but this doesn't appear to be working with cookies.

      I am missing some configuration option that needs to be set somewhere?