cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

JSessionid name definition in WAS, possible?

Former Member

on ‎09-20-2004 12:22 PM

0 Kudos

Hello all Gurus!

We are in need to overcome a fairly common problem which is related to the jsessionid cookie where you get a session expired when moving from one application to another.

On some other web application servers you can define, for example in the web.xml's cookie-config part the name of the cookie which defaults to jsessionid.

Unfortunately in the WAS 6.20 this doesn't seem to be possible (at least the DTD doesn't seem to support it).

Question: Can you change the jsessionid name for a webapplication on WAS 6.20?

If not then what is the best practise workaround for the situations where we end up with session expired messages when moving from one context to the next in the same domain?

Before answering the question please be aware that Internet Explorer 6 sends back a more generic cookie before the specific on.

In other words if there is a cookie for mydomain.com then even if we are accessing a subdomain mysite.mydomain.com it will send the mydomain.com jsessionid cookie to all the subdomains before the subdomain specific cookie.

Cheers,

Kalle

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎09-30-2004 3:02 PM
0 Kudos

Hello Kalle,

First I have to emphasize on that the problem should not appear in environment build only on SAP J2EE Engines. If request is made from an application on one engine to other application on the same or other engine instance, a common cookie is used as the servers check the syntax of the jsessionid cookie value. If the syntax is in SAP specific format the same cookie is used, if not, a new cookie is created for the new session. This way overiding cookies between SAP engines is impossible.

If the environment consists of SAP engine and other non-SAP engine there is a tag in web.xml called cookie-config that is described in Administration manual - chapter Services Administration Reference - Servlet_jsp Service - Configuring SAP J2EE Engine 6.20 Cookies. Configured this way each application or server could use its own session cookie and there will be no scenario when the client will send session cookie from one application/server to other.

Kind Regards,

Todor Mollov

SAP J2EE Web Container

Message was edited by: Todor Mollov

Show replies
Show replies
Former Member
‎10-01-2004 1:05 PM
0 Kudos

Hi Todor,

thank you for the insight into this issue.

My apologies for not elaborating more in the initial posting.

Yes, we are running a mix of servers hence the first point in your reply is covered and can't be helped.

The second point, changing the cookie name, is not possible according to the web.xml DTD we are using.

In the DTD we have the following lines:

<!ELEMENT cookie-config (cookie)>

<!ELEMENT cookie (path?,domain?)>

Hence the cookie element can only take a path or a domain. These two values won't unfortunately help in our case. what we are missing is the cookie-name which is designed to do just what we need.

Former Member
‎10-01-2004 4:28 PM
0 Kudos

Hi Kalle,

according to Servlet 2.3 Spec: "The name of the session tracking cookie must be JSESSIONID." But session cookie can be unique with the combination of path and domain. So try setting values for those parameters and see if the cookies will be overridden.

Best Regards,

Todor

Ask a Question