内容转自:http://blog.csdn.net/luka2008/article/details/38385703/,请直接看原文,不过这篇“原文”也是转的。。。
1,Tomcat下
代码:
import com.sun.javaws.Globals; import javax.xml.soap.MimeHeaders;
import java.io.IOException; /**
* Created by liu.yuxiang on 2017/9/26.
*/
public class SessionCrossDomainValve extends ValveBase { public SessionCrossDomainValve() {
super();
info = "com.jinfuzi.SessionCrossDomainValve";
} public void invoke(Request request, Response response) throws IOException, ServletException {
request.getSession(true);
// replace any Tomcat-generated session cookies with our own
Cookie[] cookies = response.getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++) {
Cookie cookie = cookies;
containerLog.debug("CrossSubdomainSessionValve: Cookie name is "
+ cookie.getName());
if (Globals.SESSION_COOKIE_NAME.equals(cookie.getName())) {
replaceCookie(request, response, cookie);
}
}
}
// process the next valve
getNext().invoke(request, response);
} @SuppressWarnings("unchecked")
protected void replaceCookie(Request request, Response response, Cookie cookie) {
//copy the existing session cookie, but use a different domain
Cookie newCookie = new Cookie(cookie.getName(), cookie.getValue());
if (cookie.getPath() != null)
newCookie.setPath(cookie.getPath());
newCookie.setDomain(getCookieDomain(request));
newCookie.setMaxAge(cookie.getMaxAge());
newCookie.setVersion(cookie.getVersion());
if (cookie.getComment() != null)
newCookie.setComment(cookie.getComment());
newCookie.setSecure(cookie.getSecure()); //if the response has already been committed, our replacement strategy will have no effect
if (response.isCommitted())
containerLog.error("CrossSubdomainSessionValve: response was already committed!"); //find the Set-Cookie header for the existing cookie and replace its value with new cookie
MimeHeaders headers = response.getCoyoteResponse().getMimeHeaders();
for (int i = 0, size = headers.size(); i < size; i++)
{
if (headers.getName(i).equals("Set-Cookie"))
{
MessageBytes value = headers.getValue(i);
if (value.indexOf(cookie.getName()) >= 0)
{
StringBuffer buffer = new StringBuffer();
ServerCookie.appendCookieValue(buffer, newCookie.getVersion(), newCookie
.getName(), newCookie.getValue(), newCookie.getPath(), newCookie
.getDomain(), newCookie.getComment(), newCookie.getMaxAge(), newCookie
.getSecure()); //如果是tomcat6.020,这里需要多加一个true.
containerLog.debug("CrossSubdomainSessionValve: old Set-Cookie value: " + value.toString());
containerLog.debug("CrossSubdomainSessionValve: new Set-Cookie value: " + buffer);
value.setString(buffer.toString());
}
}
}
} protected String getCookieDomain(Request request) {
String cookieDomain = request.getServerName();
String[] parts = cookieDomain.split("\\.");
if (parts.length >= 2)
cookieDomain = parts[parts.length - 2] + "."
+ parts[parts.length - 1];
return "." + cookieDomain;
} public String toString() {
return ("CrossSubdomainSessionValve[container=" + container.getName() + ']');
}
}
这个类就是查看response要写入的cookie有没有符合规则,有就对cookie,domain进行变更,变为二级域名
将这个类打包成jar包,放进{catalina_home}/lib下,并在server.xml中注册:
<Valve className="SessionCrossDomainValve"/>
2、改变获取Session的方式
public Session getSession(HttpServletRequest request, HttpServletResponse response){
HttpSession session = request.getSession(false);
if (session==null){
session = request.getSession(true);
String session_id = session.getId();
Cookie c = new Cookie("JSESSIONID",session_id);
c.setDomain(".vinceruan.info");
c.setPath("/");
response.addCookie();
}
}