https://blog.csdn.net/cml_blog/article/details/52135115

当项目中使用单点登录功能时,通常会使用cookie进行信息的保存,这样就可以在多个子域名上存取用户信息。
比如有三个domain分别为test.com,cml.test.com,b.test.com这三个域名下的cookie是需要互相访问的。这时会在response上写入cookie信息

Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain(".test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
这样写在tomcat8.0上是没问题的,三个域名可以共享cookie信息。但是把它放到tomcat8.5上就报错了

java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:181)
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:123)
at org.apache.catalina.connector.Response.generateCookieString(Response.java:989)
at org.apache.catalina.connector.Response.addCookie(Response.java:937)
at org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:386)
at com.cml.mvc.controller.HelloWorld.str(HelloWorld.java:98)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:777)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:706)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
在tomcat8.5上是使用org.apache.tomcat.util.http.Rfc6265CookieProcessor

The standard implementation of CookieProcessor is org.apache.tomcat.util.http.Rfc6265CookieProcessor.

This cookie processor is based on RFC6265 with the following changes to support better interoperability:

Values 0x80 to 0xFF are permitted in cookie-octet to support the use of UTF-8 in cookie values as used by HTML 5.
For cookies without a value, the '=' is not required after the name as some browsers do not sent it.
The RFC 6265 cookie processor is generally more lenient than the legacy cookie parser. In particular:

The '=' and '/' characters are always permitted in a cookie value.
Name only cookies are always permitted.
The cookie header is always preserved.
No additional attributes are supported by the RFC 6265 Cookie Processor.
1
2
3
4
5
6
7
8
9
10
11
12
文档地址

在tomcat8.0上使用的是org.apache.tomcat.util.http.LegacyCookieProcessor

The standard implementation of CookieProcessor is org.apache.tomcat.util.http.LegacyCookieProcessor. Note that it is anticipated that this will change to org.apache.tomcat.util.http.Rfc6265CookieProcessor in a future Tomcat 8 release.

This is the legacy cookie parser based on RFC6265, RFC2109 and RFC2616. It implements a strict interpretation of the cookie specifications. Due to various interoperability issues with browsers not all strict behaviours are enabled by default and additional options are available to further relax the behaviour of this cookie processor if required.
1
2
3
文档地址

问题就可以定位在CookieProcessor不同实现引起的。
原因分析见下半篇博客:An invalid domain [.test.com] was specified for this cookie 原因分析

解决方法:

指定完整的domain信息,但是这样单点登录就会有问题了
Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain("cml.test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
2.设置为一级域名(推荐)

Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain("test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
域名问题参考文章:顶级域名和二级域名共享cookie及相互删除cookie
---------------------
作者:cmlbeliever
来源:CSDN
原文:https://blog.csdn.net/cml_blog/article/details/52135115
版权声明:本文为博主原创文章,转载请附上博文链接!

java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie的更多相关文章

  1. java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie解决方法

    当项目中使用单点登录功能时,通常会使用cookie进行信息的保存,这样就可以在多个子域名上存取用户信息. 比如有三个domain分别为test.com,cml.test.com,b.test.com这 ...

  2. 【Cookie】java.lang.IllegalArgumentException An invalid character [32] was present in the Cookie value

    创建时间:6.30 java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie va ...

  3. java.lang.IllegalArgumentException: An invalid character [34] was present in the Cookie value

    java.lang.IllegalArgumentException: An invalid character [34] was present in the Cookie value at org ...

  4. cookie实例---显示上一次访问的时间与java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value

    创建Cookie,名为lasttime,值为当前时间,添加到response中: 在A.jsp中获取请求中名为lasttime的Cookie: 如果不存在输出“您是第一次访问本站”,如果存在输出“您上 ...

  5. 异常java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value

    通过HttpServletResponse的addCookie(Cookie cookie)向客户端写cookie信息,这里使用的tomcat版本是8.5.31,出现如下报错: java.lang.I ...

  6. tomcat 8.5 及其 9.0 response写cookie 设置damain为 [.test.com] 出错 An invalid domain [.test.com] was specified for this cookie

    抛出异常: java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cooki ...

  7. An invalid domain [.test.com] was specified for this cookie 原因分析

    java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie 以上博客 ...

  8. 在访问jsp时抛java.lang.IllegalArgumentException: Page directive: invalid value for import的原因

    问题:java.lang.IllegalArgumentException: Page directive: invalid value for import 环境:tomcat 7.0.65 出错原 ...

  9. java.lang.IllegalArgumentException: Invalid source 'classpath:spring-mvc.xml'

    今天在跑项目时遇到java.lang.IllegalArgumentException: Invalid source 'classpath:spring-mvc.xml'报错,自己也是摸索了很久,一 ...

随机推荐

  1. Java正则表达式校验

    package com.study.string; import java.util.regex.Matcher; import java.util.regex.Pattern; /** * 正则表达 ...

  2. Tomcat错误:getOutputStream() has already been called for this response

    使用weblogic部署时,没有报错.客户现场使用tomcat后报错. 在tomcat下jsp中出现此错误一般都是在jsp中使用了输出流(如输出图片验证码,文件下载等),没有妥善处理好的原因.具体的原 ...

  3. day21-python操作mysql1

    python的mysql操作 mysql数据库是最流行的数据库之一,所以对于python操作mysql的了解是必不可少的.Python标准数据库接口为Python DB-API, Python DB- ...

  4. mybatis if标签判断字符串相等

    mybatis 映射文件中,if标签判断字符串相等,两种方式: 因为mybatis映射文件,是使用的ognl表达式,所以在判断字符串sex变量是否是字符串Y的时候, <if test=" ...

  5. json 2017-04-21 10 17

    jo := SO(); jo.S['tttt'] := 'tttt'; TbSendedTidJson['jo'] := jo; ja := TbSendedTidJson['jo'];//取出来后, ...

  6. [Spring]初识Spring-Spring是什么?如何实例化一个Spring容器?

    关于Spring入门的基础知识点 Spring简介 Spring是由Rod Johnson创建的轻量型容器,目的在于简化企业级开发.是一种容器框架 a.降低侵入性 b.提供了IOC(控制反转)和AOP ...

  7. Python&selenium&tesseract自动化测试随机码、验证码(Captcha)的OCR识别解决方案参考

    在自动化测试或者安全渗透测试中,Captcha验证码的问题经常困扰我们,还好现在OCR和AI逐渐发展起来,在这块解决上越来越支撑到位. 我推荐的几种方式,一种是对于简单的验证码,用开源的一些OCR图片 ...

  8. VS2010,MFC动态按钮和窗体背景图片,以及是静态文字控件透明,并避免静态文字刷新出现的重叠问题

    1.动态按钮的四种动作 1)正常 2)按下 3)滑过 4)失效 在MFC中,4个动作对应着四种位图bmp, 首先,将代表四种状态的位图加载入资源中,将对应的按钮设置为BitmapButton 第二,在 ...

  9. Beta阶段复审

    名字 优点 缺点 排名 都行可以随它去 1.界面美观,比较的友好: 2.新增记账的邮箱提醒功能. 1.程序有什么具体的bug和或缺陷?(1)没有账单删除的功能:(2)预算没有什么必要.2.项目的目标实 ...

  10. Delphi 10.3最新消息

    因为Google Play的要求,使Delphi官方被动的透出点消息:https://community.embarcadero.com/blogs/entry/deadline-approachin ...