Bug 49525 - IE8: Unabled to store data in HttpSession (root context)
Summary: IE8: Unabled to store data in HttpSession (root context)
Alias: None
Product: Tomcat 7
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 7.0.6
Hardware: PC Linux
: P2 blocker (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
Depends on:
Reported: 2010-06-29 22:22 UTC by oschina.net
Modified: 2014-02-17 13:48 UTC (History)
1 user (show)


Note You need to log in before you can comment on or make changes to this bug.
Description oschina.net 2010-06-29 22:22:03 UTC

Tomcat 7.0.0 Beta

A simplest webapp only have a test.jsp below:


this app installed as root context

the test.jsp works fine in firefox

but when using IE8

there is always a different session id where refresh the test page.

BTW: the test.jsp works find in Tomcat 6.x
Comment 1 oschina.net 2010-06-29 22:26:18 UTC
The difference cookie header of tomcat 6 & 7

Tomcat 7 
Set-Cookie: JSESSIONID=E33BFF1384284F317D75025391BF5CB3; Path=""; HttpOnly

Tomcat 6
Set-Cookie: JSESSIONID=F6EB3C21AC71EC2AA305A2BBEE37DBE9; Path=/
Comment 2 Mark Thomas 2010-07-01 15:37:01 UTC
Thanks for the report. Fixed in trunk and will be included in 7.0.1 onwards.
Comment 3 oschina.net 2010-07-01 19:51:20 UTC
Thanks for your reply :)
Comment 4 Bmeist 2011-02-04 11:09:55 UTC
I am seeing this exact problem on 7.0.6, but only Tomcat on Linux.  I have another install of 7.0.6 on Windows and it works fine.

This is the error I see in the logs:

Feb 3, 2011 11:44:15 PM org.apache.tomcat.util.http.Cookies processCookieHeader
INFO: Cookies: Invalid cookie. Value not a token or quoted value

Again, this only happens on IE 8 hitting 7.0.6 on Linux.  Unfortunately we have a LOT of IE 8 users.  I rolled back to Tomcat 6 and it's working fine again.

Thanks very much!
Comment 5 Mark Thomas 2011-02-04 12:01:54 UTC
I've just checked this as Tomcat 7 does return / as the cookie path by default.

From the error message, it looks like your client is sending mal-formed cookies.

The users list is the place to get help with this - you need to provide an example cookie header that is failing.