You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ofbiz.apache.org by Adam Heath <do...@brainfood.com> on 2009/07/23 19:48:23 UTC

re: svn 703784: cross-domain contexts

In ofbiz-containers.xml, enable-cross-subdomain-sessions is set to
true.  However, in CatalinaContainer.java, the default value is false.
 When the value is true, catalina will *always* create a JSESSIONID
cookie value, even if no code calls request.getSession() or
getSession(true).  This causes frontend cache system(varnish
specifically) to not cache the object.  It also causes increase memory
pressure.

Why is this value set to true?  I think it should be false.

Re: svn 703784: cross-domain contexts

Posted by Scott Gray <sc...@hotwaxmedia.com>.

Yeah I'm +1 for that, another issue I stumbled across in the past  
couple of days is that it doesn't work at all if you're running  
separate instances on different subdomains e.g. demo.ofbiz.org and  
demo904.ofbiz.org because the cookies keep overwriting each other.

Regards
Scott

On 24/07/2009, at 5:48 AM, Adam Heath wrote:

> In ofbiz-containers.xml, enable-cross-subdomain-sessions is set to
> true.  However, in CatalinaContainer.java, the default value is false.
> When the value is true, catalina will *always* create a JSESSIONID
> cookie value, even if no code calls request.getSession() or
> getSession(true).  This causes frontend cache system(varnish
> specifically) to not cache the object.  It also causes increase memory
> pressure.
>
> Why is this value set to true?  I think it should be false.