search

grails / grails-core

The Grails Web Application Framework
http://grails.org
Apache License 2.0
2.78k stars 951 forks source link

Session Cookie Name #9664

Closed andreasschiestl closed 8 years ago

andreasschiestl commented 8 years ago

In Grails 2.x you can change the name of the session cookie in the web.xml with

<session-config>
    <cookie-config>
        <name>JSESSIONID_XYZ</name>
    </cookie-config>
</session-config>

In Grails 3.0 there is by default no web.xml. Is there any other way to change the name of the session cookie? I tried to create a web.xml but it didn't work

burtbeckwith commented 8 years ago

It works when deployed as a war, but not with run-app. Add this to src/main/webapp/WEB-INF/web.xml:

<?xml version='1.0' encoding='UTF-8'?>
<web-app version='3.0'
         xmlns='http://java.sun.com/xml/ns/javaee'
         xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
         xsi:schemaLocation='http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd'>

   <session-config>
      <cookie-config>
         <name>JSESSIONID_XYZ</name>
      </cookie-config>
   </session-config>

</web-app>

and deploy the war to Tomcat or another container and it will use the config settings from web.xml along with the programmatic servlet/filter/etc. registrations.

graemerocher commented 8 years ago

Looks like you can se the cookie name with a ServletContextInitializer http://stackoverflow.com/questions/35163824/how-to-set-secure-flag-on-cookie-programatically

andreasschiestl commented 8 years ago

@graemerocher thank you for the link, I'll try and give a short feedback if it works

graemerocher commented 8 years ago

You may want to use http://docs.spring.io/autorepo/docs/spring-boot/1.2.0.M2/api/org/springframework/boot/context/embedded/ServletContextInitializer.html instead, which you can register as a Spring bean in resources.groovy and it will be picked up automatically

andreasschiestl commented 8 years ago

@graemerocher even better! works perfektly, thank you!

ppazos commented 8 months ago

Tried this on grails 5 and I'm receiving this error:

java.lang.IllegalStateException: Property [name] cannot be added to SessionCookieConfig for context [] as the context has been initialised
    at org.apache.catalina.core.ApplicationSessionCookieConfig.setName(ApplicationSessionCookieConfig.java:125)
    at javax.servlet.SessionCookieConfig$setName.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:125)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:139)
    at openehr.opt.gui.BootStrap$_closure1.doCall(BootStrap.groovy:26)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:107)
    at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:323)
    at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:274)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1035)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1149)
    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1035)
    at groovy.lang.Closure.call(Closure.java:412)
    at groovy.lang.Closure.call(Closure.java:406)
    at grails.util.Environment.evaluateEnvironmentSpecificBlock(Environment.groovy:585)
    at grails.util.Environment.executeForEnvironment(Environment.groovy:578)
    at grails.util.Environment.executeForCurrentEnvironment(Environment.groovy:554)
    at org.grails.web.servlet.boostrap.DefaultGrailsBootstrapClass.callInit(DefaultGrailsBootstrapClass.java:74)
    at org.grails.web.servlet.context.GrailsConfigUtils.executeGrailsBootstraps(GrailsConfigUtils.java:83)
    at org.grails.plugins.web.servlet.context.BootStrapClassRunner.onStartup(BootStrapClassRunner.groovy:56)
    at grails.boot.config.GrailsApplicationPostProcessor.onApplicationEvent(GrailsApplicationPostProcessor.groovy:269)
    at grails.boot.config.GrailsApplicationPostProcessor.onApplicationEvent(GrailsApplicationPostProcessor.groovy)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:176)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:169)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:143)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:421)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:378)
    at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:938)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:586)
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:147)
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:731)
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:408)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:307)
    at grails.boot.GrailsApp.run(GrailsApp.groovy:99)
    at grails.boot.GrailsApp.run(GrailsApp.groovy:485)
    at grails.boot.GrailsApp.run(GrailsApp.groovy:472)
    at grails.boot.GrailsApp$run.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:125)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:148)
    at openehr.opt.gui.Application.main(Application.groovy:9)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)

I have created this class in src:

package com.cabolabs.util

import org.springframework.boot.web.servlet.ServletContextInitializer
import javax.servlet.ServletContext
import javax.servlet.ServletException
import org.springframework.context.annotation.Bean

public class CookieNameInitializer {
   @Bean
   public ServletContextInitializer initializer() {
      return new ServletContextInitializer() {
         public void onStartup(ServletContext servletContext) throws ServletException {
            servletContext.getSessionCookieConfig().setName('JSESSION_TK')
         }
      };
   }
}