4 messages in org.apache.tomcat.usersRe: Losing cookie if hostname differe...| From | Sent On | Attachments |
|---|---|---|
| Rachel Greenham | Aug 10, 2000 5:02 am | |
| Yun Sang Jung | Aug 10, 2000 5:20 am | |
| Brian Richards | Aug 10, 2000 5:24 am | |
| Craig R. McClanahan | Aug 10, 2000 10:07 am |
| Subject: | Re: Losing cookie if hostname different, under apache | |
|---|---|---|
| From: | Yun Sang Jung (navi...@channeli.net) | |
| Date: | Aug 10, 2000 5:20:33 am | |
| List: | org.apache.tomcat.users | |
<HTML>
<HEAD><TITLE> Message </TITLE></HEAD>
<BODY>
<PRE>
<IMG
SRC="http://webmail.channeli.net/webmail/button.php3?id=zozthognzahnavidad&user=navidad"
width="1" height="1">
IMFO, this is a legal in Apache or other commercial web servers.
It seems that tomcat webserver misbehaviored!
Check cookie spec from netscape but I cannot remeber resource URL. (sorry..)
I think there is work-around in SPEC to achieve your goal.(sharing cookie on
same domain)
----- Original Message ----- From: "Rachel Greenham" <rach...@enetgroup.co.uk> To: <tomc...@jakarta.apache.org> Sent: Thursday, August 10, 2000 9:02 PM Subject: Losing cookie if hostname different, under apache
It's an odd one:
It would appear that, under Apache, if you change the hostname by which you access a web server, even if that hostname resolves to the same actual host, Tomcat can't pick up the cookie.
ie: As I'm on the same subnet, I start with http://myhost/ but as I progress through the site a redirect or something including just me typing a URL directly, causing a switch to using the FQDN eg: http://myhost.mydomain.etc/, the switch causes Tomcat to mislay the cookie or session object.
But this *doesn't* happen when Tomcat is used in standalone mode - ie: if I access the same site on port 8080 rather than port 80, and again switch from http://myhost/ to http://myhost.mydomain.etc/ - the cookie/session object remains accessible regardless of changes in the hostname the client makes.
The problem only occurs when the site is used through Apache, so presumably it's a problem in Apache and/or the JServ connector. I tried uncommenting the ServerName directive in httpd.conf so it explicitly specifies the host's FQDN but it made no difference. Any ideas anyone?
I'm not even sure I should be considering it a bug, as this might be a necessary thing to allow virtual hosting to work in Apache.
FWIW: Apache 1.3.12, Tomcat 3.1 (including mod_jserv.so built from Tomcat 3.1 sources), running on Linux and Sun JDK1.3 beta.
-- Rachel
</PRE></BODY> </HTML>