35

My webapp is having an issue since upgrading to Tomcat 7. My session will go null after I login and try to do anything (submitting a request). I've read that setting the following may help:

org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false

Does anyone know where to set this? Should this be set in web.xml, context.xml or somewhere else?

The other thing I want to check is the following:

org.apache.catalina.STRICT_SERVLET_COMPLIANCE
Kalle Richter
  • 8,008
  • 26
  • 77
  • 177
LuckY07
  • 421
  • 1
  • 6
  • 12
  • I read the following, http://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html and i did not see any information on where to set this. I just need to know how to correctly set that FWD_SLASH_IS_SEPARATOR to false. – LuckY07 Mar 01 '12 at 20:48
  • Also, we're running on a windows environment. – LuckY07 Mar 01 '12 at 21:05
  • @Michael - Where in RUNNING.txt does it show WHERE to set FWD_SLASH_IS_SEPARATOR? Are you referring to how it shows you how to set variables (in windows) to setenv.bat? – LuckY07 Mar 02 '12 at 15:21
  • we made our change in the of SERVER.XML, not in setenv.bat, is one way more accepted than the other? Thanks. – LuckY07 Mar 02 '12 at 15:22
  • @Michael-O instead of answering to question you are playing. – Vijay Shegokar Aug 21 '14 at 10:40

5 Answers5

45

You can set any of the system properties in 

apache-tomcat-7.0.33\conf\catalina.properties

file. Adding your entry in this file should resolve your problem.

E.g.

environment=local
Niladri
  • 93
  • 1
  • 6
user2335780
  • 529
  • 5
  • 2
19

You can set system properties in Tomcat by creating a setenv.sh file in /bin directory. I did the following to set the system properties.

export JAVA_OPTS="-Dmyprojectvar.subname=value -Danothervariable=value -Danother.variable=value"

Remember:

There is no space between the export JAVA_OPTS and =. Also: the symbol & is different, use ..

Now, run your catalina.sh to start tomcat.

brass monkey
  • 5,841
  • 10
  • 36
  • 61
Sreevidya Aravind
  • 433
  • 1
  • 6
  • 18
  • 4
    Unfortunately you can't set **secret** values (e.g. truststore passwords) that way without revealing them to anyone who can log on and run 'ps' or read /proc/*/cmdline. Defining them in catalina.properties avoids that leakage.This is one reason why using custom system properties to configure servlet code is a _bad idea_. Use context parameters instead. – Mark Wood Jun 17 '15 at 20:25
  • 5
    In addition to the caveat raised by @MarkWood, this technique will only work when Tomcat is launched using the startup scripts. If you use another facility to launch Tomcat (e.g. as a Microsoft Windows "Service"), scripts such as `bin/setenv.sh|bat` are ignored. Using `catalina.properties` ensures that the system properties are set regardless of the way Tomcat is launched. – Christopher Schultz Sep 14 '16 at 22:09
  • instead of JAVA_OPTS - create a new system property and then include it , that way you don't mess up systems existing properties - ex i configured log path this way - export "LOG_CONFIG= -DMY_LOG=root/users/myUser/data/logs" – Ashish Shetkar Jun 25 '18 at 12:50
5

You can set these system properties in command line that starts Tomcat. For example, you can have file setenv.bat (on setenv.sh if you are on linux) in Tomcats bin folder with following content:

set "CATALINA_OPTS=%CATALINA_OPTS% -Dfile.encoding=UTF8 -Dorg.apache.catalina.STRICT_SERVLET_COMPLIANCE=true -Duser.timezone=GMT -Xmx1024m -XX:MaxPermSize=256m"

This file is preferred way of setting properties for Tomcat.

Now, FWD_SLASH_IS_SEPARATOR is by default set to false. If you set STRICT_SERVLET_COMPLIANCE to true, the value of FWD_SLASH_IS_SEPARATOR will be also set to true (and values of some other properties). However, you can set it explicitly to false, e.g. using the following in your setenv file is fine:

-Dorg.apache.catalina.STRICT_SERVLET_COMPLIANCE=true
-Dorg.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR=false

This is also what I suggest when someone sets STRICT_SERVLET_COMPLIANCE to true, to always disable the FWD_SLASH_IS_SEPARATOR. Otherwise, the cookie Path value will be sent quoted (e.g. "\") and all browsers as of today, except Opera, do not recognize this and would e.g. fail to track the session.

Kalle Richter
  • 8,008
  • 26
  • 77
  • 177
igr
  • 10,199
  • 13
  • 65
  • 111
3

THE SOLUTION: 

sessionCookiePathUsesTrailingSlash="false"

We actually figured out how to solve this. It was a Tomcat 7 setting we needed to set. We placed it in server.xml, under the tag as follows:

<Context path="/test" reloadable="true" docBase="c:\webapp\test" 
workDir="c:\webapp\test" sessionCookiePathUsesTrailingSlash="false"/>

When we were debugging the problem and looking at the cookies path we noticed it was putting a \ backslash after the webapp name, so for our test webapp it was setting the path to /test/ instead of /test. This caused a bunch of problems.

Has anyone else had to deal with this setting in Tomcat 7? Or have a similar problem?

Kalle Richter
  • 8,008
  • 26
  • 77
  • 177
LuckY07
  • 421
  • 1
  • 6
  • 12
1

If you are trying to set variables for a server running in eclipse:

  1. Select Run > Run Configurations
  2. Make sure your server is selected
  3. Select Environment Tab
  4. Click 'New' to add a new variable
Brent Sandstrom
  • 841
  • 10
  • 16