How can I change the length of the generated JSESSIONID using Liberty?

Question

How can I change the length of the generated JSESSIONID using Liberty?

I am getting warning messages when starting my project in Liberty, especially in Chrome.

[WARNING ] Detected JSESSIONID with invalid length; expected length of 23, found 28, setting: BD14EBEEDBE53803FAE565131A03 to null.

This is because Liberty generates a JSESSIONID with length 28, but the Liberty profile defaults to idStyle property for httpSession for 23. If I set

<httpSession idLength="28" />

in Liberty server.xml I am not getting these warning messages in the log. However, I would like to solve this without changing the server.xml.

Is it possible to change the way the default JSESSIONID is generated to length 23? Or maybe this is a bad approach?

+3

javascript session websphere-liberty jsessionid

wright8191 22 oct. 14 at 16:21

source to share

2 answers

Gas · Answer 1 · 2014-10-22T17:34:39+0000

WebSphere creates JSESSIONID

lengths by default 23

. So, in your case, you must have different application server or web container on the same server that creates different session cookies. The best way to avoid these problems is to change the default cookie name for one of the installed products. Changing the length to 28 will only resolve the message in the log, but instead you will get application errors as Websphere will look for sessions it does not have, and vice versa another application server when a cookie generated by WebSphere won Do not find also session.

Check this link: http://www-01.ibm.com/support/docview.wss?uid=swg21671600

David avant · Answer 2 · 2016-03-11T22:37:34+0000

I got this error after upgrading my version of WebSphere to 8.5.5.8. Which, in the end, was a trick to delete browser cookies. I suspect what is happening is that the browser was using older (longer) JSESSION cookies from an earlier version of WebSphere.

How can I change the length of the generated JSESSIONID using Liberty?

More articles: