Tomcat handle subdomains with 1 session error - java.lang.IllegalArgumentException: An invalid domain [.localhost] was specified for this cookie, Rfc6265CookieProcessor.java:210

Quick fix:

<Context sessionCookiePath="/" sessionCookieDomain=".localhost">

  <!-- Use Legacy Cookie Processor, newer tomcat version implements Rfc6265 which causes our error -->
  <CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />

</Context>

We just need to tell tomcat to use LegacyCookieProcessor as newer tomcat version implements Rfc6265 specification which causes our error.

I don't know if browser will let you set JSESSIONID for localhost subdomains. For domain with sub-domains it will work.

For example when we use:

sessionCookieDomain=".test123.com"

instead of .localhost then it will work and share JSESSIONID between all subdomains, eg:

• de.test123.com
• ru.test123.com
• etc

I found interesting articles, related to this topic:

• https://bz.apache.org/bugzilla/show_bug.cgi?id=59703
• https://www.santhoshreddymandadi.com/java/managing-java-cookies-to-share-java.html
• https://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Common_Attributes
• https://codingexplained.com/coding/java/tomcat-share-session-cookies-subdomains
• https://www.prashantparashar.com/tomcat-sharing-session-cookies-across-subdomains-2012-09.html
• https://docs.spring.io/spring-session/docs/2.0.0.M2/reference/html5/guides/java-custom-cookie.html#custom-cookie-sample