You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Giles Constant <gi...@ftech.net> on 2000/08/24 18:55:42 UTC
Altering cookie path for Session tracking through a ProxyPass
Hi there,
I'm *really* stuck :-)
I've got a website on a server : www.foo.com
For reasons I won't bore you with, I have JSP for this website on a
different server : jsp.bar.com:8080/mycontext
To make it look pretty, I've done this to www.foo.com :
ProxyPass /jsp http://jsp.bar.com:8080/mycontext
Thusly, "www.foo.com/jsp" will point to the JSPs.
Unfortunately, when session tracking sends a cookie, it's broken, because
"mycontext" is doing this :
Set-Cookie: JSESSIONID=To1021mC6475555985819488At;Path=/mycontext
Which obviously won't be sent back to www.foo.com/jsp!
Anyone got any ideas for this? ideally something in the configuration
file which would fudge the context to think it's in /jsp rather than
"/mycontext", but failing that, something where I can alter the "Path" of
the session at runtime. I've scoured the docs for this, but i'm about to
give up :-)
I suppose failing that I could set a cookie manually, but it's getting
ugly. Or perhaps I could hack the session tracking source..
help? :-)
--
Giles Constant <gi...@ftech.net> - Network Operations
Frontier Internet Services Limited http://www.frontier-internet.ltd.uk/
Tel: +44 (0)20 7510 4700 Fax: +44 (0)20 7531 9930
All statements made are subject to Frontier's Terms and Conditions of
Business which are available upon request.
Re: Altering cookie path for Session tracking through a ProxyPass
Posted by "Craig R. McClanahan" <Cr...@eng.sun.com>.
Giles Constant wrote:
> On Thu, 24 Aug 2000, Craig R. McClanahan wrote:
>
> > But, I've got a question. Is there a particular reason you cannot deploy
> > your webapp (within Tomcat) as "/jsp" instead of "/mycontext"? That way, the
> > names would match and the session cookies would work just fine.
>
> Because it's actually a server with several customer's jsp sites on it
> (we're an ISP). So the context paths would have to be based on their
> username. We can't put www.foo.com/username as the jsp redirect either,
> because that is used for something else :-)
>
> However, you've given me an idea. With a bit of dns/CNAMEing, I can
> point
>
> USERNAME.jsp.ftech.net -> jsp.ftech.net
>
> And thusly proxypass through to username.jsp.ftech.net:8080/jsp without
> problems. Case solved (I can go home now).
>
That's great. Get some sleep. :-)
>
> (does jakarta support HTTP1.1 hosting? I know jetty3 does, but I'd rather
> not change servers at this point :-))
>
Tomcat 3.x does not support HTTP/1.1 at the moment, although Tomcat 4.0 will when
it's released (it's being actively developed).
>
> Thanks for your help,
>
> Giles
>
Craig
Re: Altering cookie path for Session tracking through a ProxyPass
Posted by Giles Constant <gi...@ftech.net>.
On Thu, 24 Aug 2000, Craig R. McClanahan wrote:
> But, I've got a question. Is there a particular reason you cannot deploy
> your webapp (within Tomcat) as "/jsp" instead of "/mycontext"? That way, the
> names would match and the session cookies would work just fine.
Because it's actually a server with several customer's jsp sites on it
(we're an ISP). So the context paths would have to be based on their
username. We can't put www.foo.com/username as the jsp redirect either,
because that is used for something else :-)
However, you've given me an idea. With a bit of dns/CNAMEing, I can
point
USERNAME.jsp.ftech.net -> jsp.ftech.net
And thusly proxypass through to username.jsp.ftech.net:8080/jsp without
problems. Case solved (I can go home now).
(does jakarta support HTTP1.1 hosting? I know jetty3 does, but I'd rather
not change servers at this point :-))
Thanks for your help,
Giles
--
Giles Constant <gi...@ftech.net> - Network Operations
Frontier Internet Services Limited http://www.frontier-internet.ltd.uk/
Tel: +44 (0)20 7510 4700 Fax: +44 (0)20 7531 9930
All statements made are subject to Frontier's Terms and Conditions of
Business which are available upon request.
Re: Altering cookie path for Session tracking through a ProxyPass
Posted by "Craig R. McClanahan" <Cr...@eng.sun.com>.
You would have to patch the Tomcat source code to do anything like this.
Tomcat assumes that the context path under which a web app is deployed is the
context path under which users will access it.
But, I've got a question. Is there a particular reason you cannot deploy
your webapp (within Tomcat) as "/jsp" instead of "/mycontext"? That way, the
names would match and the session cookies would work just fine.
Craig McClanahan
Giles Constant wrote:
> Hi there,
>
> I'm *really* stuck :-)
>
> I've got a website on a server : www.foo.com
>
> For reasons I won't bore you with, I have JSP for this website on a
> different server : jsp.bar.com:8080/mycontext
>
> To make it look pretty, I've done this to www.foo.com :
>
> ProxyPass /jsp http://jsp.bar.com:8080/mycontext
>
> Thusly, "www.foo.com/jsp" will point to the JSPs.
>
> Unfortunately, when session tracking sends a cookie, it's broken, because
> "mycontext" is doing this :
>
> Set-Cookie: JSESSIONID=To1021mC6475555985819488At;Path=/mycontext
>
> Which obviously won't be sent back to www.foo.com/jsp!
>
> Anyone got any ideas for this? ideally something in the configuration
> file which would fudge the context to think it's in /jsp rather than
> "/mycontext", but failing that, something where I can alter the "Path" of
> the session at runtime. I've scoured the docs for this, but i'm about to
> give up :-)
>
> I suppose failing that I could set a cookie manually, but it's getting
> ugly. Or perhaps I could hack the session tracking source..
>
> help? :-)
>
> --
> Giles Constant <gi...@ftech.net> - Network Operations
> Frontier Internet Services Limited http://www.frontier-internet.ltd.uk/
> Tel: +44 (0)20 7510 4700 Fax: +44 (0)20 7531 9930
> All statements made are subject to Frontier's Terms and Conditions of
> Business which are available upon request.