zoukankan      html  css  js  c++  java
  • java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie

    https://blog.csdn.net/cml_blog/article/details/52135115

    当项目中使用单点登录功能时,通常会使用cookie进行信息的保存,这样就可以在多个子域名上存取用户信息。
    比如有三个domain分别为test.com,cml.test.com,b.test.com这三个域名下的cookie是需要互相访问的。这时会在response上写入cookie信息

    Cookie cookie = new Cookie("testCookie", "test");
    cookie.setDomain(".test.com");
    cookie.setPath("/");
    cookie.setMaxAge(36000);
    resp.addCookie(cookie);
    1
    2
    3
    4
    5
    这样写在tomcat8.0上是没问题的,三个域名可以共享cookie信息。但是把它放到tomcat8.5上就报错了

    java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie
    at org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:181)
    at org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:123)
    at org.apache.catalina.connector.Response.generateCookieString(Response.java:989)
    at org.apache.catalina.connector.Response.addCookie(Response.java:937)
    at org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:386)
    at com.cml.mvc.controller.HelloWorld.str(HelloWorld.java:98)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:777)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:706)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    在tomcat8.5上是使用org.apache.tomcat.util.http.Rfc6265CookieProcessor

    The standard implementation of CookieProcessor is org.apache.tomcat.util.http.Rfc6265CookieProcessor.

    This cookie processor is based on RFC6265 with the following changes to support better interoperability:

    Values 0x80 to 0xFF are permitted in cookie-octet to support the use of UTF-8 in cookie values as used by HTML 5.
    For cookies without a value, the '=' is not required after the name as some browsers do not sent it.
    The RFC 6265 cookie processor is generally more lenient than the legacy cookie parser. In particular:

    The '=' and '/' characters are always permitted in a cookie value.
    Name only cookies are always permitted.
    The cookie header is always preserved.
    No additional attributes are supported by the RFC 6265 Cookie Processor.
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    文档地址

    在tomcat8.0上使用的是org.apache.tomcat.util.http.LegacyCookieProcessor

    The standard implementation of CookieProcessor is org.apache.tomcat.util.http.LegacyCookieProcessor. Note that it is anticipated that this will change to org.apache.tomcat.util.http.Rfc6265CookieProcessor in a future Tomcat 8 release.

    This is the legacy cookie parser based on RFC6265, RFC2109 and RFC2616. It implements a strict interpretation of the cookie specifications. Due to various interoperability issues with browsers not all strict behaviours are enabled by default and additional options are available to further relax the behaviour of this cookie processor if required.
    1
    2
    3
    文档地址

    问题就可以定位在CookieProcessor不同实现引起的。
    原因分析见下半篇博客:An invalid domain [.test.com] was specified for this cookie 原因分析

    解决方法:

    指定完整的domain信息,但是这样单点登录就会有问题了
    Cookie cookie = new Cookie("testCookie", "test");
    cookie.setDomain("cml.test.com");
    cookie.setPath("/");
    cookie.setMaxAge(36000);
    resp.addCookie(cookie);
    1
    2
    3
    4
    5
    2.设置为一级域名(推荐)

    Cookie cookie = new Cookie("testCookie", "test");
    cookie.setDomain("test.com");
    cookie.setPath("/");
    cookie.setMaxAge(36000);
    resp.addCookie(cookie);
    1
    2
    3
    4
    5
    域名问题参考文章:顶级域名和二级域名共享cookie及相互删除cookie
    ---------------------
    作者:cmlbeliever
    来源:CSDN
    原文:https://blog.csdn.net/cml_blog/article/details/52135115
    版权声明:本文为博主原创文章,转载请附上博文链接!

  • 相关阅读:
    保存时出错jup
    Spyder默认页面布局调整
    根据所处位置提取单元格内容的函数(left、right、mid)和查找字符串位于单元格内容第几位的函数(find)
    excel打印出现多余空白页
    Excel的布尔值运算
    excel VBA一个fuction同时执行多个正则表达式,实现方法
    excel VBA把一个单元格内容按逗号拆分并依次替换到另一个单元格的括号里面(本题例子,把文本中的括号换成{答案}的格式,并按顺序填空)
    excel自动记录项目完成进度,是否逾期,逾期/提前完成天数,计算天数可以把now()改为today()
    jquery循环动画
    jquery动画(控制动画隐藏、显示时间轴)
  • 原文地址:https://www.cnblogs.com/linus-tan/p/10254752.html
Copyright © 2011-2022 走看看