Databases
StackOverflow2013
Postsdbo
POJSESSIONID collision between two servers on same ip but different ports
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POJSESSIONID collision between two servers on same ip but different ports
    text
    copied!<p>I've got a situation where I have two different webapps running on a single server, using different ports. They're both running Java's Jetty servlet container, so they both use a cookie parameter named JSESSIONID to track the session id. These two webapps are fighting over the session id.</p> <ul> <li>Open a Firefox tab, and go to WebApp1</li> <li>WebApp1's HTTP response has a set-cookie header with JSESSIONID=1</li> <li>Firefox now has a Cookie header with JSESSIONID=1 in all it's HTTP requests to WebApp1</li> <li>Open a second Firefox tab, and go to WebApp2</li> <li>The HTTP reqeust to WebApp2 also has a Cookie header with JSESSIONID=1, but in the doGet, when I call <code>req.getSession(false);</code> I get <code>null</code>. And if I call <code>req.getSession(true)</code> I get a new Session object, but then the HTTP response from WebApp2 has a set-cookie header with JSESSIONID=20</li> <li>Now, WebApp2 has a working Session, but WebApp1's session is gone. Going to WebApp1 will give me a new session, blowing away WebApp2's session.</li> <li>Continue forever</li> </ul> <p>So the Sessions are thrashing between each web app. I'd really like for the <code>req.getSession(false)</code> to return a valid session if there's already a JSESSIONID cookie defined.</p> <p>One option is to basically reimplement the Session framework with a HashMap and cookies called WEBAPP1SESSIONID and WEBAPP2SESSIONID, but that sucks, and means I'll have to hack the new Session stuff into ActionServlet and a few other places.</p> <p>This must be a problem others have encountered. Is Jetty's <code>HttpServletRequest.getSession(boolean)</code> just crappy?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload