EN
Tomcat handle subdomains with 1 session error - java.lang.IllegalArgumentException: An invalid domain [.localhost] was specified for this cookie, Rfc6265CookieProcessor.java:210
1
answers
1
points
I try to setup tomcat to handle subdomains with 1 session and got this error after I added new parameters to context.xml file in tomcat.
Error:
java.lang.IllegalArgumentException: An invalid domain [.localhost] was specified for this cookie
org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:210)
org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:145)
Context.xml file location:
apache-tomcat-8.5.45/conf/context.xml
Before:
<Context>
</Context>
After:
<Context sessionCookiePath="/" sessionCookieDomain=".localhost">
</Context>
How to solve this exception?
1 answer
3
points
Quick fix:
<Context sessionCookiePath="/" sessionCookieDomain=".localhost">
<!-- Use Legacy Cookie Processor, newer tomcat version implements Rfc6265 which causes our error -->
<CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />
</Context>
We just need to tell tomcat to use LegacyCookieProcessor as newer tomcat version implements Rfc6265 specification which causes our error.
I don't know if browser will let you set JSESSIONID for localhost subdomains. For domain with sub-domains it will work.
For example when we use:
sessionCookieDomain=".test123.com"
instead of .localhost then it will work and share JSESSIONID between all subdomains, eg:
- de.test123.com
- ru.test123.com
- etc
I found interesting articles, related to this topic:
- https://bz.apache.org/bugzilla/show_bug.cgi?id=59703
- https://www.santhoshreddymandadi.com/java/managing-java-cookies-to-share-java.html
- https://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Common_Attributes
- https://codingexplained.com/coding/java/tomcat-share-session-cookies-subdomains
- https://www.prashantparashar.com/tomcat-sharing-session-cookies-across-subdomains-2012-09.html
- https://docs.spring.io/spring-session/docs/2.0.0.M2/reference/html5/guides/java-custom-cookie.html#custom-cookie-sample
0 comments
Add comment