Menu
How can I set session cookie attribute "Domain" for my spring project on tomcat server? I am using spring security and HTTPS Currently I have following :
Set-Cookie: JSESSIONCookie: JSESSIONID=DEAC4422AB4E28A7062C08724C8BCFAA; Path=/myapp/; Secure; HttpOnly.
But I want this
Set-Cookie: JSESSIONCookie: JSESSIONID=DEAC4422AB4E28A7062C08724C8BCFAA; Path=/myapp/; Secure; Domain=.localhost; HttpOnly.
I have tried to put domain attribute in web.xml withing cookie-config. I have tried using spring session [CookieHttpSessionStrategy], but that doesnot work.
There is something like TomcatContextCustomizer , but that doesnot work [actually I might have made some mistake in configuring it]
Also if running on localhost what domain should I set?
obj.setDomain("localhost");//or
obj.setDomain(".localhost");//or
obj.setDomain("127.0.0.1");
Which one of above is correct?
846
You could use the tomcat configuration attribte: sessionCookieDomain
The domain to be used for all session cookies created for this context. If set, this overrides any domain set by the web application. If not set, the value specified by the web application, if any, will be used.
<context sessionCookiePath="/myapp/" sessionCookieDomain=".localhost">
...
</context>
in the global config config/context.xml or in an application specific context file.
@See Tomcat configuration documentation
81
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
