I am upgrading my Tomcat from version 7 to Tomcat 8.5. Authentication flow for my application is : Initial request is redirected to okta, which sends authentication token. I set the token in cookies on root (/) path and send a redirect response, so that next time when request come, it will have valid authentication token and will be authenticated successfully. Everything was working fine on Tomcat 7. After upgrading to Tomcat 8.5, this flow stopped working. Reason is that now redirect request is blocking the cookies containing the authentication token. On debugging I found that now cookies are not set on the root(/) path but they are now set on the logging request path (/app/api/). One more difference which I found while comparision between cookies in browser is that: In Tomcat 7 cookies are showing with path (/) on browser developer tool while in case of Tomcat 8, it is showing as ("/"). I guess that browser is not able to understand the path in the response. I have tried changing context under conf/context.xmt with attribute sessionCookiePath="/" and changing cookie processor to LegacyCookieProcessor but nothing is working. Any help will be appreciated
Browser not sending cookies back for 302 redirect response
74 views Asked by Rahul At
1
There are 1 answers
Related Questions in JAVA
- I need the BIRT.war that is compatible with Java 17 and Tomcat 10
- Creating global Class holder
- No method found for class java.lang.String in Kafka
- Issue edit a jtable with a pictures
- getting error when trying to launch kotlin jar file that use supabase "java.lang.NoClassDefFoundError"
- Does the && (logical AND) operator have a higher precedence than || (logical OR) operator in Java?
- Mixed color rendering in a JTable
- HTTPS configuration in Spring Boot, server returning timeout
- How to use Layout to create textfields which dont increase in size?
- Function for making the code wait in javafx
- How to create beans of the same class for multiple template parameters in Spring
- How could you print a specific String from an array with the values of an array from a double array on the same line, using iteration to print all?
- org.telegram.telegrambots.meta.exceptions.TelegramApiException: Bot token and username can't be empty
- Accessing Secret Variables in Classic Pipelines through Java app in Azure DevOps
- Postgres && statement Error in Mybatis Mapper?
Related Questions in COOKIES
- Loading Google Analytics after the user consents to cookie usage
- Express session is not seened in server code
- Cookie doesn't send different domain django and react
- Storing settings in cookies
- Cant handle Session's cookie when Safari/iOS
- Create new cookie with host only set to false in chrome extension
- 3rd Party cookies error on deployment server
- Access Cookies in TRPC fetch handler
- My project uses cookiebot but when I accept cookies at the start of website it deletes my localstorage data
- Postman receiving cookie but my browser isn't receiving it when I try
- Nextjs: Ability to fetch HTTPS-ONLY cookies using server actions, is there a vulnerability?
- Cant send cookie at res when user using Safari/iOS
- Initialize a singleton from cookies for a ASP.NET Core Razor project
- JS doesn't put cookies after domain change for localhost
- Unable to set cookies from hosted backend (https://dev.abcd.com) to localhost of frontend
Related Questions in TOMCAT8
- Java+Tomcat8.5.78: Not calling action on form submit with files over 100KB
- Restrict Tomcat web.xml and other resources under WEB-INF from user access
- Getting "Failed to clear soft references from ObjectStreamClass$Caches for web application" error while starting app- tomcat8
- Cannot Open to Tomcat Manager Screen
- Tomcat service stop and start commands calling from a jar
- Browser not sending cookies back for 302 redirect response
- I am trying to upgrade a soap based web service which is using tomcat 7 and jdk 1.7 to tomcat version 8.5 and same jdk version
- Vaadin 7 UI in one browser tab waiting on UI in another browser tab
- Risk of high value in maxParameterCount
- Unable set user and password on tomcat 8.0.36
- IntelliJ IDEA - Local Tomcat startup error - NameNotFoundException
- Setting up SSL certificate: APR tomcat-native Library installed, but APR Connector does not initialize
- Tomcat Basic Authentication for 1 Webapp only
- fatal error has been detected by the Java Runtime Environment[SIGBUS (0x7) at pc=0x00007f5c1f9dc200, pid=367, tid=0x00007f5ba8c4a640]
- Unable to Execute Platform Threads in Spring Boot Application - Only NIO Threads Working
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Finally I was able to find the root cause and below are my findings: Quoted path "/" means browser is not able to understand the cookie path send the server. In my case this could be happening due to outdated jersey version used in the project. I fixed this issue by setting the cookie in response header as Set-Cookie and not using jersey cookie methods to set cookie.