In Tomcat environment, SMSESSION cookie is not decode by WebAgent.

Document ID : KB000046200
Last Modified Date : 14/02/2018
Show Technical Document Details

Issue:

In SSO environment launched Tomcat, WebAgent can't decode SMSESSION cookie, because SMSESSION cookie contains double quatation("").

 

Cause: 

It is issue of Tomcat 6.0.

According to RFC2109, from Tomcat 6, if it contain space, tab, symbol(()<>@,;:\”/[]?={}) in NAME or VALUE attribute, Tomcat add double quatation("") to them.

 

Resolution:

In Tomcat system property file, add like below parameters to it.

 

1. Dorg.apache.catalina.STRICT_SERVLET_COMPLIANCE=true

 

2. Dorg.apache.tomcat.util.http. ServerCookie.ALLOW_EQUALS_IN_VALUE=true

 

If you add only ?1.?parameter, Tomcat remove also equals(=), so you should allow equals(=) by ?2.?parameter.

 

 

Additional Information: 

RFC2109 :

https://www.ietf.org/rfc/rfc2109.txt

 

Apache Tomcat 6.0 :

https://tomcat.apache.org/tomcat-6.0-doc/config/context.html