Tomcat - User - How does one control what the path is on the JSESSIONID cookie?

The client may have more than one session, which must be distinguished 
by the path, eg i need: 

 Set-Cookie: JSESSIONID=6D839FF3B960947CC6FD41B98CD02E0D; Path=/thredds/p1 


A previous post had this filter, which im guessing i can modify : 

package com.prosc.servlet; 

import javax.servlet.*; 
import javax.servlet.http.*; 
import java.io.IOException; 

/** 
* This class will set the cookie maxAge to match the session timeout value. That way, a user who closes their browser and 
* re-enters the site will still have the same session if it has not timed out on the server. 
*/ 
public class SessionCookieExtender implements Filter { 
    private static final String JSESSIONID = "JSESSIONID"; 

    public void init( FilterConfig config ) throws ServletException {} 

    public void doFilter( ServletRequest _request, ServletResponse _response, FilterChain chain ) throws IOException, ServletException { 
        if( _response instanceof HttpServletResponse ) { 
            HttpServletRequest httpRequest = (HttpServletRequest)_request; 
            HttpServletResponse httpResponse = (HttpServletResponse)_response; 

            HttpSession session = httpRequest.getSession(); 
            if( session != null && session.getId() != null ) { 
                Cookie sessionCookie = new Cookie( JSESSIONID, session.getId() ); 
                int sessionTimeoutSeconds = session.getMaxInactiveInterval(); 
                sessionCookie.setMaxAge( sessionTimeoutSeconds ); 
                sessionCookie.setPath( httpRequest.getContextPath() ); 
                httpResponse.addCookie( sessionCookie ); //FIX! This doesn't actually get rid of the other cookie, but it seems to work OK 
            } 
        } 
        chain.doFilter( _request, _response ); 
    } 

    public void destroy() {} 

阅读全文……

你可能感兴趣的:(session,cookie)