Can two web applications (servlet contexts) share the same session object?

Created May 7, 2012

Alessandro A. Garbagnati

By default, the session object is context-specific. Although a few servlet containers (Tomcat, Resin) may allow web applications to share session contexts by means of the "crosscontext" setting within the deployment descriptor, by default, that should not be allowed for security purposes and must be used cautiously only for admin-type applications.

[For example:

<Context path="/myapp" docBase="/home/web/myapp'" crossContext="true" debug="0" reloadable="false" trusted="false" />

-Alex]

Post a comment

Email Article

Print Article

Share Articles

Digg

del.icio.us

Newsvine

Facebook

Google

LinkedIn

MySpace

Reddit

Slashdot

StumbleUpon

Technorati

Twitter

Windows Live

YahooBuzz

FriendFeed

0 Comments (click to add your comment)

Comment and Contribute

Your name/nickname

Your email

WebSite

Subject

(Maximum characters: 1200). You have 1200 characters left.

Most Popular jGuru Stories

Editor's Picks

Most Popular

The Java Game Development Tutorial

Files and Directories in Java

Load Testing your Applications with Apache JMeter

Unit Testing Java Programs

Using SOAP with Java

Repeating Annotations in Java 8