On 03/18/09 02:00 AM, glassfish_at_javadesktop.org wrote:
> We have a single glassfish webapp that is used to render multiple "user defined" web applications in the form:
>
> www.ourserver.com/app1
> www.ourserver.com/app2
> www.ourserver.com/app3
>
> The users can choose their subdirectory, and then build their website using our administration console.
>
> We would like to stop sharing sessions between applications. The default cookie-path is / and we have been looking at ways to override this without success so far.
>
> One idea is to use a global filter to wrap the httpservletresponse and alter the cookiepath, but it seems a bit ugly to do this.
> Any better ideas?
>
GlassFish versions prior to the upcoming GlassFish v3 allow
you to configure the following session tracking cookie properties
in sun-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<sun-web-app>
<session-config>
<cookie-properties>
<property name="cookiePath" value="xxx" />
<property name="cookieDomain" value="xxx" />
<property name="cookieComment" value="xxx" />
<property name="cookieSecure" value="[true|false]" />
</cookie-properties>
</session-config>
</sun-web-app>
The Servlet 3.0 spec, which GlassFish v3 will implement, is adding standard
support for session tracking cookie configuration: declaratively in web.xml,
as well as programmatically via javax.servlet.SessionCookieConfig.
This functionality is already available "for preview" in recent GlassFish v3
nightly/promoted builds.
Thanks,
Jan
> [Message sent by forum member 'profiler' (profiler)]
>
> http://forums.java.net/jive/thread.jspa?messageID=337600
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>