Home/ Questions/Q 8656105
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T15:11:49+00:00

I have several separate instances of the same web application running on different servers

  • 0

I have several separate instances of the same web application running on different servers (all have different public facing IPs). I make use of sessions to store currently logged in user’s information.

HttpSession session = req.getSession(true);     

User user = (User)session.getAttribute("user");
if (user == null) {
  // get my user
  session.setMaxInactiveInterval(....);
  session.setAttribute("user", user);
}

The problem is that when I log in to one instance (call it instance 1) and then log in to another (instance 2) then when I switch to instance 1 it picks up the cookie for instance 2 and obviously creates a problem when the user which such an id doesn’t exist on instance 1 and even worse when it silently just finds the user that matches that id..

I’ve looked at the cookies and only one JSESSIONID cookie is created with domain of “localhost” and it is shared with all instances. Is there a way to set Tomcat to set the domain to be the domain of the machine?

I’m running Tomcat 6.0.35

Any help would be appreciated. Thank you!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can change defaultHost to the hostname (or network name) of the server.
    Have a look at Tomcat’s conf/server.xml configuration file:

    <Engine ... defaultHost="myserver">

    Then you’ll also need to change:

    <Host ... name="myserver">

    See:

    http://tomcat.apache.org/tomcat-6.0-doc/config/engine.html
    http://tomcat.apache.org/tomcat-6.0-doc/config/host.html

    As another possible solution you can define jvmRoute as the “unique name” for each instance. 

    <Engine ... jvmRoute="instance1">

    This will generate a JSESSIONID like:

    C85262796BE5F656BD8EF58A96F03C96.instance1
    • 0