Details
-
Bug
-
Resolution: Fixed
-
Blocker
-
17.9.0-rc-1, 17.4.6
-
Unknown
-
N/A
-
N/A
-
Description
XWIKI-23586 switched to standard Servlet cookie API, unfortunately Tomcat is not a fan of the dot prefix we add before the domain and I'm getting:
2025-11-03 10:44:33,233 [http-nio-8080-exec-33 - http://www.myxwiki.org/xwiki/bin/loginsubmit/XWiki/XWikiLogin] ERROR x.x.u.i.x.XWikiAuthServiceImpl - Failed to authenticate java.lang.IllegalArgumentException: An invalid domain [.myxwiki.org] was specified for this cookie at org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:253) at org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:147) at org.apache.catalina.connector.Response.generateCookieString(Response.java:881) at org.apache.catalina.connector.Response.addCookie(Response.java:837) at org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:302) at jakarta.servlet.http.HttpServletResponseWrapper.addCookie(HttpServletResponseWrapper.java:57) at jakarta.servlet.http.HttpServletResponseWrapper.addCookie(HttpServletResponseWrapper.java:57) at org.xwiki.jakartabridge.servlet.internal.JavaxToJakartaHttpServletResponseWrapper.addCookie(JavaxToJakartaHttpServletResponseWrapper.java:178) at javax.servlet.http.HttpServletResponseWrapper.addCookie(HttpServletResponseWrapper.java:98) at com.xpn.xwiki.user.impl.xwiki.MyPersistentLoginManager.addCookie(MyPersistentLoginManager.java:285) at com.xpn.xwiki.user.impl.xwiki.MyPersistentLoginManager.setupCookie(MyPersistentLoginManager.java:192) at com.xpn.xwiki.user.impl.xwiki.MyPersistentLoginManager.rememberLogin(MyPersistentLoginManager.java:228)
It most probably impact Tomcat 11 too.
Attachments
Issue Links
- is caused by
-
-
- Closed
-