Changing cookie JSESSIONID name

JavaTomcatJsessionid

Java Problem Overview

I have a requirement of having to run multiple tomcat server in single physical box. While accessing these from a browser, when user switches between the applications, it results in logging out the user previously access application. This is because of JSESSIONID cookie conflict.

One possible solution is to run each applications in different context. Unfortunately, my applications will not work in context path setting as none of the resources are accessed with request.getContextPath() prepended in front.

This leaves me to change the name of cookie JSESSIONID to resolve the conflict. Is there a way to do this? If yes, how?

Hope I'm clear in stating my question.

Note: All my application are running in different port in the same machine.

Java Solutions

Solution 1 - Java

Everything is much simpler with Servlet API 3.0.

Now you can configure it in your web.xml:

<session-config>
    <cookie-config>
        <name>MY_JSESSIONID_YAHOOOOOO</name>
    </cookie-config>
</session-config>

That's it!

Solution 2 - Java

The following works for me on Tomcat7 in the context.xml file:

<Context path="/yourApp" sessionCookieName="custom_session_id">

Solution 3 - Java

By Using two following system properties this can be achieved with ease.

  • org.apache.catalina.SESSION_COOKIE_NAME
  • org.apache.catalina.SESSION_PARAMETER_NAME

Any value can be passed to above properties to change the default values.

Here complete details with some sample script is found.

Solution 4 - Java

Tomcat 7 moves this from org.apache.catalina.SESSION_COOKIE_NAME to an attribute on the main <Context> config. http://tomcat.apache.org/migration-7.html#Session_manager_configuration

Solution 5 - Java

I don't think it's possible at this point - see https://issues.apache.org/bugzilla/show_bug.cgi?id=42419

The last entry states "This has been fixed in 5.5.x and will be included in 5.5.28 onwards" - which is the next point release - 5.5.27 is the current release.

Solution 6 - Java

Not 100% sure if this will work, but you can use the jvmRoute attribute, which is generally used in a load-balanced/clustered environment for the load balancers to be able to tell the nodes apart. Example:

<Engine name="Catalina" defaultHost="localhost" jvmRoute="node1">

This will end up generating a JSESSIONID value that looks like "ABCDEF123456.node1".

Documentation link.

Solution 7 - Java

I found it in Tomcat at /tomcat/conf/server.xml

server.xml

<Engine name="Catalina" defaultHost="localhost" jvmRoute="instanceName">

5D33F755D8D75EF7C8E840.instanceName

Solution 8 - Java

    final SessionCookieConfig sessionCookieConfig = servletContext.getSessionCookieConfig();
    sessionCookieConfig.setSecure(true);
    sessionCookieConfig.setHttpOnly(true);
    // Set __Host- prefix
    sessionCookieConfig.setName("__Host-JSESSIONID");
Categories
Recommended Java Solutions
Recommended Tomcat Solutions
Recommended Jsessionid Solutions

Previous Solution:

Make ABC Ordered List Items Have Bold Style

HtmlCssHtml Lists

Next Solution:

Adding attributes to an XML node

C#Xml

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionramanrView Question on Stackoverflow
Solution 1 - JavawalvView Answer on Stackoverflow
Solution 2 - JavaJoseph LustView Answer on Stackoverflow
Solution 3 - Javauser489641View Answer on Stackoverflow
Solution 4 - JavatimkingmanView Answer on Stackoverflow
Solution 5 - JavaMartinView Answer on Stackoverflow
Solution 6 - Javamatt bView Answer on Stackoverflow
Solution 7 - JavaNileshView Answer on Stackoverflow
Solution 8 - JavaisobretatelView Answer on Stackoverflow