Changing default JSESSIONID name of cookie and/or parameter is the objective. Deployed J2EE web applications use browser cookie or parameter based session management technique. By default session cookie name is defined as “JSESSIONID” and session id parameter as “jsessionid” in Apache Tomcat servers. These names can be renamed by specifying required values for correct system properties.Requirements
This system properties based feature is only available in releases newer than Tomcat 5.5.28 and Tomcat 6.0.20.System properties
Related system properties are;- org.apache.catalina.SESSION_COOKIE_NAME (for cookie name)
- org.apache.catalina.SESSION_PARAMETER_NAME (for parameter name)
Passing system properties
System property can be passed using standard methodology; use “-D” parameter of Java command similar to following.java -D<key>=<value>
Modify catalina.sh to pass system properties
Following extract is from a modified bin/catalina.sh to pass these system properties; similarly bin/catalina.bat can be modified for Windows based installations.#!/bin/sh
// .....
# ------------------------------------------
# Start/Stop Script for the CATALINA Server
// .....
# ------------------------------------------
JAVA_OPTS="$JAVA_OPTS
-Dorg.apache.catalina.SESSION_COOKIE_NAME=MYJSESSIONID
-Dorg.apache.catalina.SESSION_PARAMETER_NAME=myjsessionid"
// .....
Note:
The decision on whether cookie based or parameter based session management is used depend on client browser settings.