We have one web application that is being built to serve multiple regional web site TLDs. In addition, the web application also supports thousands of dynamic subdomains. Examples include:
www.example.com
www.example.co.uk
www.example.com.ar
fred123.example.co.uk <== Thousands of this form
fred123.p.example.us <== Thousands of this form
While we can understand that different domain TLDs result in new sessions a problem starts to appear with the latter 2 examples above which also result in new session instances. For example if a user:
- Goes to: www.example.co.uk a new session is created and then...
- Clicks on a link: fred123.example.co.uk a new session is created and then...
- Clicks on a link: sam99.example.co.uk a new session is created...
3 clicks ==>> 3 sessions!!!!
The problem appears to be due to the fact that GlassFish v3 automatically makes the domain of the JSESSIONID to be the FQDN of the host request.
What is required is that the host name part be stripped off the domain value at the very least to have domains values like:
.example.com
.example.co.uk
.example.com.ar
.example.co.uk <== Thousands of this form
.p.example.us <== Thousands of this form
Does anyone know how this can be achieved. I have found the following Q&A however in our case the subdomain TLDs do not all match:
http://stackoverflow.com/questions/1303193/an-issue-dealing-with-jsp-session
Ergo the solution of statically configuring the sun-web.xml OR using a Servlet 3.0 solution does not appear to help. Also creating a filter response wrapper does not work either as the JSESSIONID cookie is assigned in the lower levels of the Application server and is not exposed to the Web App to intercept.
The only other two options I think I have are:
a) Patch the GlassFish v3 code that sets JSESSIONID cookie domain value to FQDN so that some stripping occurs OR
b) Doing something in the Sun Web Server 7.0 reverse proxy layer that we have to re-write the JSESSIONID cookie domain value returned in the set-cookie header however I have not been able to find examples on how to do this
Can anyone help resolve this issue? Any clues / help will be very much appreciated!