Renaming the HTTP session cookie | HCL Digital Experience
The Java Servlet API up to Version 2.5 states that the session identification cookie must be named JSESSIONID. WebSphere Application Server Version 8 supports the Java Servlet API 3.0 that offers applications the option to rename the JSESSIONID cookie name. Therefore HCL Portal 8.5 also supports this option.
About this task
A common use case for changing the JSESSIONID cookie name
results from cookie name clashes due to HTTP proxy server usage. You
can avoid such conflicts by either of the following methods:
- Enable HTTP session ID reuse
- This prevents cookie name clashes by reusing the session ID values across different servers. To protect HCL Portal user sessions, you need to enable security integration in conjunction with session ID reuse. For details see the topic about Session management custom properties under the section about Http Session ID Reuse and the topics about Session security support and Session management settings in the appropriate WebSphere® Application Server Help Center for your portal environment.
Procedure
- Rename the HTTP session cookie on WebSphere® Application Server. To do this, proceed as follows:
- Open the WebSphere® Integrated Solutions Console.
- Select .
- Change the value for session cookie name as required.
- Click OK.
- Save your changes.
- Restart WebSphere® Application Server
- Regenerate the plug-in configuration file.
- If you are running a remote system, copy the plug-in configuration file to the remote server.
- To synchronize your portal with the changes you made in
the previous step, add the required properties to the Resource Environment
Providers for your portal: