Chrome and JSESSIONID

google-chrome grails tomcat7 jsessionid
Beastcraft picture Beastcraft · Jan 16, 2012 · Viewed 10.3k times · Source

Following problem with chrome...:

I've running an Grails 1.3.7 Application on a Server. I've noticed, when I request a static content (such as non-dynamic html-files) from Chrome, Chrome creates two JSESSIONID-Cookies. The first one when the login-window shows up, and the second after a successfull login. If I want to refresh the page, or request another resource, I've to login again. (I think because Tomcat doesn't understand those two cookies)

I've tried it with FF, but FF just just creates one Cookie and its working perfectly. Also, I've ran the app locally, and it works even with chrome perfectly. So, something with tomecat must be wrong.

Enviroment:

  • Grails-Application 1.3.7 (with Spring-Security-Core 1.2.4)
  • Apache Tomcat 7 (on Windows Server 2008)

My httpd.conf: 

ProxyPass /manager http://myUrl:8080/manager
ProxyPass /myGrailsApp http://myUrl:8080/myGrailsApp
ProxyPassReverse /manager http://myUrl:8080/manager
ProxyPassReverse /myGrailsApp http://myUrl:8080/myGrailsApp

ProxyPass / http://myUrl:8080/myGrailsApp/frontend
ProxyPassReverse / http://myUrl:8080/myGrailsApp/frontend

Thanks in advance.

Update 1:

I re-builded, re-deployed the app and restarted tomcat again.

Now I noticed: Chrome doesn't generate two cookies anymore. But the error is the same. Every time I refresh or request something, the JSESSIONID changes and I have to log in again.

A short watch on the tomcat-server displays a big amount of active sessions - those from chrome...

Update 2:

I tried it locally on the server (with chrome):

  • localhost/myApp/frontend => Apache => FAIL
  • localhost:8080/myApp/frontend => Tomcat => OK

It seems like Apache is the problem (?).

Solution:

I've got it :) The Grails *.gsp-Templates always requested the 'favicon.ico' on each request. The reason why the error appeared on static content (like html-files) is because we redirect to those resources from our Grails-Application.

So I've put the favicon.ico in the right place, and now it works :)

This error just concerns Google Chrome, in FF and IE it worked without any problems.

Answer

Marqs picture Marqs · Mar 20, 2012

I also ran into this problem. It took me a while to figure out what was happening (including sniffing with Wireshark), and still more time to find a viable solution. At last I found this thread https://vaadin.com/forum/-/message_boards/view_message/1216366

It seams that this is a problem with Chrome/Safari (Webkit browsers?) and the way they handle redirected cookies. The simple fix was to add a context.xml to the META-INF directory in my spring project containing

<?xml version='1.0' encoding='utf-8'?>
<Context sessionCookiePathUsesTrailingSlash='false'>
</Context>

and then redeploying the new war file. Now everything is working as intended.

Related questions

Disable same origin policy in Chrome

Is there any way to disable the Same-origin policy on Google's Chrome browser?

Read More
How to remove focus border (outline) around text/input boxes? (Chrome)

Can anyone explain how to remove the orange or blue border (outline) around text/input boxes? I think it only happens on Chrome to show that the input box is active. Here's the input CSS I'm using: input { background-color: transparent; …

Read More
Hide scroll bar, but while still being able to scroll

I want to be able to scroll through the whole page, but without the scrollbar being shown. In Google Chrome it's: ::-webkit-scrollbar { display: none; } But Mozilla Firefox and Internet Explorer don't seem to work like that. I also tried this …

Read More