不同项目同一浏览器访问 导致Session覆盖 登录后点击就退出登录问题
产生原因:最近开发项目两个项目部署采用同一个tomcat 部署 (当两个tomcat部署时也会产生)由于部署时候两个项目访问域名相同 localhost:8080/ localhost:8090/两个项目访问路径完全相同只用端口不通
出现情况:当点击项目a内部就退出到登陆页重新登录
问题:由于两个项目采用同一浏览器 当A项目访问时候会创建一个cookie 保存jeesessionId 当访问项目B的时候同一浏览器会携带项目A保存在cookie中的jeessionId 假如jessionId=123 当在次访问B项目服务器时 B项目服务器会根据携带的jeessionId 是否存在 由于不存在 B项目服务器会给jeesession 重新创建一个值 456保存到cookie中 这时候当浏览器在次访问A项目服务器时候由于jesssionId值被改变 所以导致会退出当前登录
解决方案:
可以修改toncat context.xml文件 context上配置sessionCookieName="workSessionId"
<?xml version='1.0' encoding='utf-8'?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <!-- The contents of this file will be loaded for each web application --> <Context sessionCookieName="workSessionId"> <!-- Default set of monitored resources --> <WatchedResource>WEB-INF/web.xml</WatchedResource> <!-- Uncomment this to disable session persistence across Tomcat restarts --> <!-- <Manager pathname="" /> --> <!-- Uncomment this to enable Comet connection tacking (provides events on session expiration as well as webapp lifecycle) --> <!-- <Valve className="org.apache.catalina.valves.CometConnectionManagerValve" /> --> </Context>
