https://blog.csdn.net/cml_blog/article/details/52135115

当项目中使用单点登录功能时,通常会使用cookie进行信息的保存,这样就可以在多个子域名上存取用户信息。
比如有三个domain分别为test.com,cml.test.com,b.test.com这三个域名下的cookie是需要互相访问的。这时会在response上写入cookie信息

Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain(".test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
这样写在tomcat8.0上是没问题的,三个域名可以共享cookie信息。但是把它放到tomcat8.5上就报错了

java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:181)
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:123)
at org.apache.catalina.connector.Response.generateCookieString(Response.java:989)
at org.apache.catalina.connector.Response.addCookie(Response.java:937)
at org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:386)
at com.cml.mvc.controller.HelloWorld.str(HelloWorld.java:98)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:777)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:706)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
在tomcat8.5上是使用org.apache.tomcat.util.http.Rfc6265CookieProcessor

The standard implementation of CookieProcessor is org.apache.tomcat.util.http.Rfc6265CookieProcessor.

This cookie processor is based on RFC6265 with the following changes to support better interoperability:

Values 0x80 to 0xFF are permitted in cookie-octet to support the use of UTF-8 in cookie values as used by HTML 5.
For cookies without a value, the '=' is not required after the name as some browsers do not sent it.
The RFC 6265 cookie processor is generally more lenient than the legacy cookie parser. In particular:

The '=' and '/' characters are always permitted in a cookie value.
Name only cookies are always permitted.
The cookie header is always preserved.
No additional attributes are supported by the RFC 6265 Cookie Processor.
1
2
3
4
5
6
7
8
9
10
11
12
文档地址

在tomcat8.0上使用的是org.apache.tomcat.util.http.LegacyCookieProcessor

The standard implementation of CookieProcessor is org.apache.tomcat.util.http.LegacyCookieProcessor. Note that it is anticipated that this will change to org.apache.tomcat.util.http.Rfc6265CookieProcessor in a future Tomcat 8 release.

This is the legacy cookie parser based on RFC6265, RFC2109 and RFC2616. It implements a strict interpretation of the cookie specifications. Due to various interoperability issues with browsers not all strict behaviours are enabled by default and additional options are available to further relax the behaviour of this cookie processor if required.
1
2
3
文档地址

问题就可以定位在CookieProcessor不同实现引起的。
原因分析见下半篇博客:An invalid domain [.test.com] was specified for this cookie 原因分析

解决方法:

指定完整的domain信息,但是这样单点登录就会有问题了
Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain("cml.test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
2.设置为一级域名(推荐)

Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain("test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
域名问题参考文章:顶级域名和二级域名共享cookie及相互删除cookie
---------------------
作者:cmlbeliever
来源:CSDN
原文:https://blog.csdn.net/cml_blog/article/details/52135115
版权声明:本文为博主原创文章,转载请附上博文链接!

java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie的更多相关文章

  1. java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie解决方法

    当项目中使用单点登录功能时,通常会使用cookie进行信息的保存,这样就可以在多个子域名上存取用户信息. 比如有三个domain分别为test.com,cml.test.com,b.test.com这 ...

  2. 【Cookie】java.lang.IllegalArgumentException An invalid character [32] was present in the Cookie value

    创建时间:6.30 java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie va ...

  3. java.lang.IllegalArgumentException: An invalid character [34] was present in the Cookie value

    java.lang.IllegalArgumentException: An invalid character [34] was present in the Cookie value at org ...

  4. cookie实例---显示上一次访问的时间与java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value

    创建Cookie,名为lasttime,值为当前时间,添加到response中: 在A.jsp中获取请求中名为lasttime的Cookie: 如果不存在输出“您是第一次访问本站”,如果存在输出“您上 ...

  5. 异常java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value

    通过HttpServletResponse的addCookie(Cookie cookie)向客户端写cookie信息,这里使用的tomcat版本是8.5.31,出现如下报错: java.lang.I ...

  6. tomcat 8.5 及其 9.0 response写cookie 设置damain为 [.test.com] 出错 An invalid domain [.test.com] was specified for this cookie

    抛出异常: java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cooki ...

  7. An invalid domain [.test.com] was specified for this cookie 原因分析

    java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie 以上博客 ...

  8. 在访问jsp时抛java.lang.IllegalArgumentException: Page directive: invalid value for import的原因

    问题:java.lang.IllegalArgumentException: Page directive: invalid value for import 环境:tomcat 7.0.65 出错原 ...

  9. java.lang.IllegalArgumentException: Invalid source 'classpath:spring-mvc.xml'

    今天在跑项目时遇到java.lang.IllegalArgumentException: Invalid source 'classpath:spring-mvc.xml'报错,自己也是摸索了很久,一 ...

随机推荐

  1. unity3D 中的C#脚本一个类调用另一类中简单方法

    案例展示 SubMenuManage类中的实例化代码如下: static SubMenuManage sub_this; public static SubMenuManage Instance() ...

  2. images

  3. python socket 网络编程selector用法 (实用)

    Server端: import socketimport selectors class Server(object):def init(self,sel,sock):self.sel = selse ...

  4. C++基础知识:泛型编程

    1.泛型编程的概念 ---不考虑具体数据类型的编程模式Swap 泛型写法中的 T 不是一个具体的数据类型,而是泛指任意的数据类型. 2.函数模板 - 函数模板其实是一个具有相同行为的函数家族,可用不同 ...

  5. 深入理解java虚拟机---虚拟机工具jstat(十七)

    jstack---没什么用 jstack用于生成java虚拟机当前时刻的线程快照.线程快照是当前java虚拟机内每一条线程正在执行的方法堆栈的集合,生成线程快照的主要目的是定位线程出现长时间停顿的原因 ...

  6. nginx统计模块——ngx_http_stub_status_module

    今天呢给大家分享一个nginx的统计模块的使用,这个模快我们是经常的使用呢,在我们对nginx最优化,调优的时候我们就需要借助这个模块去分析nginx的性能. 下面我们来看看这个模块的语法格式, 这个 ...

  7. nginx 更改用户组

    为什么要更改 Nginx 服务的默认用户:就像更改 ssh 的默认 22 端口一样,增加安全性,Nginx 服务的默认用户是 nobody ,我们更改为 nginx 1) 添加 nginx 用户 us ...

  8. 压缩后的数据 要经过 base64_encode 后才能在网络上传送

    function ob_gzip($content) // $content 就是要压缩的页面内容{ if(!headers_sent() && // 如果页面头部信息还没有输出 ex ...

  9. display总结 overflow知识

    # display总结:# inline总结: # 1.同行显示, 就相当于纯位文本, 当一行显示不下, 如就是一字显示不下, 那么显示不下的那个字会自动换行;# 和纯文本的区别就是有纯文本的概念, ...

  10. Python 深度递归

    class A: pass class B(A): pass class C(A): pass class D(B, C): pass class E: pass class F(D, E): pas ...