You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Sundar Ramalingam <su...@gmail.com> on 2009/12/21 18:55:09 UTC

Cookie Issue in Tomcat 6.0.20

I am seeing problem in my login logic in tomcat 6.0.20 which was working
fine tomcat 5.5.*. The logic reads cookie and based on that authenticates
user.

 This cookie is set by my company's enterprise site.

For Example in the below cookie *testUser* is the login name. We need to
parse and
get the username (testUser) by reading cookie.

COOKIE:
=======

 ECCUser:n0MSlkL7ugtO84tH:n0MTL1Z9YZSMSolB:testUser

In tomcat 5.5 when i read the above cookie I get whole information. But when
I
read cookie using the same code in Tomcat 6.0.20 i get only

 ECCUser:n0MSlkL7ugtO84tH

 I couldn't get whole information until testUser. Since I am using the same
piece of code, I was expecting it would be consistent in tomcat 6.0.20, but
it
is not. Please help me in this regard.

Thanks in advance,

Sundar Ramalingam

Re: Cookie Issue in Tomcat 6.0.20

Posted by Mark Thomas <ma...@apache.org>.

On 21/12/2009 17:55, Sundar Ramalingam wrote:
> I am seeing problem in my login logic in tomcat 6.0.20 which was working
> fine tomcat 5.5.*. The logic reads cookie and based on that authenticates
> user.
> 
>  This cookie is set by my company's enterprise site.
> 
> For Example in the below cookie *testUser* is the login name. We need to
> parse and
> get the username (testUser) by reading cookie.
> 
> COOKIE:
> =======
> 
>  ECCUser:n0MSlkL7ugtO84tH:n0MTL1Z9YZSMSolB:testUser
> 
> In tomcat 5.5 when i read the above cookie I get whole information. But when
> I
> read cookie using the same code in Tomcat 6.0.20 i get only
> 
>  ECCUser:n0MSlkL7ugtO84tH
> 
>  I couldn't get whole information until testUser. Since I am using the same
> piece of code, I was expecting it would be consistent in tomcat 6.0.20, but
> it
> is not. Please help me in this regard.

Tomcat won't read that cookie as you want as it isn't spec compliant
(older Tomcat versions were more tolerant). If you can't get the system
that is sending the broken header fixed, then you'll have to parse the
header yourself.

Mark



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org