目标:一级域名登陆之后二级域名同样会获取用户信息。
Tomcat 下,不同的二级域名,Session 默认是不共享的,因为 Cookie 名称为 JSESSIONID 的 Cookie 根域是默认是没设置的,访问不同的二级域名,其 Cookie 就重新生成,而 session 就是根据这个 Cookie 来生成的,所以在不同的二级域名下生成的 Session 也不一样
tomcat7 + jsp +nginx
查阅各种资料之后总结如下:
>配置nginx 映射成不同的域名。
一级域名:http://www.testxmf.com/
>二级域名:http://tool.testxmf.com 、 http://traffic.testxmf.com
配置tomcat server.xml
<Engine name="Catalina" defaultHost="localhost">
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Valve className="org.three3s.valves.CrossSubdomainSessionValve"/>
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true" xmlNamespaceAware="false" xmlValidation="false">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t %r %s %b %T" />
<Context path="" docBase="/home/wsm/website" reloadable="true" crossContext="true" sessionCookiePath="/" sessionCookieDomain=".testxmf.com"></Context>
</Host>
</Engine>
tomcat lib下加入CrossSubdomainSessionValve.jar 这个包
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import org.apache.catalina.Globals;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;
import org.apache.tomcat.util.buf.MessageBytes;
import org.apache.tomcat.util.http.MimeHeaders;
import org.apache.tomcat.util.http.ServerCookie;
/**
* 取代由 Tomcat 域产生的会话 cookie ,允许该会话 cookie 跨子域共享。
*
* Tomcat Server.xml 配置:
* <Valve className="me.seanchang.CrossSubdomainSessionValve"/>
*/
public class CrossSubdomainSessionValve extends ValveBase {
private static Logger log = Logger.getLogger("CrossSubdomainSessionValve");
public CrossSubdomainSessionValve() {
super();
info = "me.seanchang.CrossSubdomainSessionValve/1.0";
}
@Override
public void invoke(Request request, Response response) throws IOException,
ServletException {
// this will cause Request.doGetSession to create the session cookie if
// necessary
request.getSession(true);
// replace any Tomcat-generated session cookies with our own
Cookie[] cookies = response.getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++) {
Cookie cookie = cookies[i];
log.info("CrossSubdomainSessionValve: Cookie name is "
+ cookie.getName());
if (Globals.SESSION_COOKIE_NAME.equals(cookie.getName()))
replaceCookie(request, response, cookie);
}
}
// process the next valve
getNext().invoke(request, response);
}
/**
* @param request
* @param response
* @param cookie
* cookie to be replaced.
*/
protected void replaceCookie(Request request, Response response, Cookie cookie) {
// copy the existing session cookie, but use a different domain
Cookie newCookie = new Cookie(cookie.getName(), cookie.getValue());
if (cookie.getPath() != null)
newCookie.setPath(cookie.getPath());
newCookie.setDomain(getCookieDomain(request));
newCookie.setMaxAge(cookie.getMaxAge());
newCookie.setVersion(cookie.getVersion());
if (cookie.getComment() != null)
newCookie.setComment(cookie.getComment());
newCookie.setSecure(cookie.getSecure());
// if the response has already been committed, our replacement strategy
// will have no effect
MimeHeaders headers = new MimeHeaders();
if (response.isCommitted())
log.info("CrossSubdomainSessionValve: response was already committed!");
// find the Set-Cookie header for the existing cookie and replace its
// value with new cookie
headers = response.getCoyoteResponse().getMimeHeaders();
for (int i = 0, size = headers.size(); i < size; i++) {
if (headers.getName(i).equals("Set-Cookie")) {
MessageBytes value = headers.getValue(i);
if (value.indexOf(cookie.getName()) >= 0) {
StringBuffer buffer = new StringBuffer();
ServerCookie
.appendCookieValue(buffer, newCookie.getVersion(),
newCookie.getName(), newCookie.getValue(),
newCookie.getPath(), newCookie.getDomain(),
newCookie.getComment(),
newCookie.getMaxAge(),
newCookie.getSecure(), true);
log.info("CrossSubdomainSessionValve: old Set-Cookie value: "
+ value.toString());
log.info("CrossSubdomainSessionValve: new Set-Cookie value: "
+ buffer);
value.setString(buffer.toString());
}
}
}
}
/**
* @param request provides the server name used to create cookie domain.
* @return the last two parts of the specified request's server name preceded by a dot.
*/
protected String getCookieDomain(Request request) {
String cookieDomain = request.getServerName();
String[] parts = cookieDomain.split("\\.");
if (parts.length >= 2)
cookieDomain = parts[parts.length - 2] + "."
+ parts[parts.length - 1];
return "." + cookieDomain;
}
public String toString() turn ("CrossSubdomainSessionValve[container=" + container.getName() + ']');
}
}
转自:http://497155382.blog.163.com/blog/static/1949123201391694020/
http://tomcat.apache.org/tomcat-6.0-doc/config/context.html