https://blog.csdn.net/cml_blog/article/details/52135115

当项目中使用单点登录功能时,通常会使用cookie进行信息的保存,这样就可以在多个子域名上存取用户信息。
比如有三个domain分别为test.com,cml.test.com,b.test.com这三个域名下的cookie是需要互相访问的。这时会在response上写入cookie信息

Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain(".test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
这样写在tomcat8.0上是没问题的,三个域名可以共享cookie信息。但是把它放到tomcat8.5上就报错了

java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:181)
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:123)
at org.apache.catalina.connector.Response.generateCookieString(Response.java:989)
at org.apache.catalina.connector.Response.addCookie(Response.java:937)
at org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:386)
at com.cml.mvc.controller.HelloWorld.str(HelloWorld.java:98)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:777)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:706)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
在tomcat8.5上是使用org.apache.tomcat.util.http.Rfc6265CookieProcessor

The standard implementation of CookieProcessor is org.apache.tomcat.util.http.Rfc6265CookieProcessor.

This cookie processor is based on RFC6265 with the following changes to support better interoperability:

Values 0x80 to 0xFF are permitted in cookie-octet to support the use of UTF-8 in cookie values as used by HTML 5.
For cookies without a value, the '=' is not required after the name as some browsers do not sent it.
The RFC 6265 cookie processor is generally more lenient than the legacy cookie parser. In particular:

The '=' and '/' characters are always permitted in a cookie value.
Name only cookies are always permitted.
The cookie header is always preserved.
No additional attributes are supported by the RFC 6265 Cookie Processor.
1
2
3
4
5
6
7
8
9
10
11
12
文档地址

在tomcat8.0上使用的是org.apache.tomcat.util.http.LegacyCookieProcessor

The standard implementation of CookieProcessor is org.apache.tomcat.util.http.LegacyCookieProcessor. Note that it is anticipated that this will change to org.apache.tomcat.util.http.Rfc6265CookieProcessor in a future Tomcat 8 release.

This is the legacy cookie parser based on RFC6265, RFC2109 and RFC2616. It implements a strict interpretation of the cookie specifications. Due to various interoperability issues with browsers not all strict behaviours are enabled by default and additional options are available to further relax the behaviour of this cookie processor if required.
1
2
3
文档地址

问题就可以定位在CookieProcessor不同实现引起的。
原因分析见下半篇博客:An invalid domain [.test.com] was specified for this cookie 原因分析

解决方法:

指定完整的domain信息,但是这样单点登录就会有问题了
Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain("cml.test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
2.设置为一级域名(推荐)

Cookie cookie = new Cookie("testCookie", "test");
cookie.setDomain("test.com");
cookie.setPath("/");
cookie.setMaxAge(36000);
resp.addCookie(cookie);
1
2
3
4
5
域名问题参考文章:顶级域名和二级域名共享cookie及相互删除cookie
---------------------
作者:cmlbeliever
来源:CSDN
原文:https://blog.csdn.net/cml_blog/article/details/52135115
版权声明:本文为博主原创文章,转载请附上博文链接!

java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie的更多相关文章

  1. java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie解决方法

    当项目中使用单点登录功能时,通常会使用cookie进行信息的保存,这样就可以在多个子域名上存取用户信息. 比如有三个domain分别为test.com,cml.test.com,b.test.com这 ...

  2. 【Cookie】java.lang.IllegalArgumentException An invalid character [32] was present in the Cookie value

    创建时间:6.30 java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie va ...

  3. java.lang.IllegalArgumentException: An invalid character [34] was present in the Cookie value

    java.lang.IllegalArgumentException: An invalid character [34] was present in the Cookie value at org ...

  4. cookie实例---显示上一次访问的时间与java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value

    创建Cookie,名为lasttime,值为当前时间,添加到response中: 在A.jsp中获取请求中名为lasttime的Cookie: 如果不存在输出“您是第一次访问本站”,如果存在输出“您上 ...

  5. 异常java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value

    通过HttpServletResponse的addCookie(Cookie cookie)向客户端写cookie信息,这里使用的tomcat版本是8.5.31,出现如下报错: java.lang.I ...

  6. tomcat 8.5 及其 9.0 response写cookie 设置damain为 [.test.com] 出错 An invalid domain [.test.com] was specified for this cookie

    抛出异常: java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cooki ...

  7. An invalid domain [.test.com] was specified for this cookie 原因分析

    java.lang.IllegalArgumentException: An invalid domain [.test.com] was specified for this cookie 以上博客 ...

  8. 在访问jsp时抛java.lang.IllegalArgumentException: Page directive: invalid value for import的原因

    问题:java.lang.IllegalArgumentException: Page directive: invalid value for import 环境:tomcat 7.0.65 出错原 ...

  9. java.lang.IllegalArgumentException: Invalid source 'classpath:spring-mvc.xml'

    今天在跑项目时遇到java.lang.IllegalArgumentException: Invalid source 'classpath:spring-mvc.xml'报错,自己也是摸索了很久,一 ...

随机推荐

  1. HTML代码转换为JavaScript字符串

    我有时在工作中用到字符串拼接基本上来自于此,链接 http://www.css88.com/tool/html2js/

  2. vue常见开发问题整理

    1.(webpack)vue-cli构建的项目如何设置每个页面的title 在路由里每个都添加一个meta [{ path:'/login', meta: { title: '登录页面' }, com ...

  3. Oracle 12c Sharding测试过程中的问题解决

    Sharding测试过程中的问题解决 1. 环境部署 软件的版本需要12.2.0.0.3及以上的版本 在配置GSM的时候报错信息不会很直观的展示出来,这对于安装部署有很大阻碍. 2. 数据导入 Dup ...

  4. angular4-注入服务

    //配置已创建的服务:import { MemberService } from "./member.service";@NgModule({ // ... providers: ...

  5. 【转载】JVM系列二:GC策略&内存申请、对象衰老

    JVM里的GC(Garbage Collection)的算法有很多种,如标记清除收集器,压缩收集器,分代收集器等等,详见HotSpot VM GC 的种类 现在比较常用的是分代收集(generatio ...

  6. Cracking The Coding Interview 5.7

    //An array A[1-n] contains all the integers from 0 to n except for one number which is missing. In t ...

  7. codeforces983A(数学题)

    A. Finite or not? time limit per test 1 second memory limit per test 256 megabytes input standard in ...

  8. Asp.Net MVC3.0中防止跨站的POST

    在Form中添加 @Html.AntiForgeryToken(); 在后台的Action中增加 [ValidateAntiForgeryToken] 这个方法还可以添加自定义的参数 @Html.An ...

  9. elasticsearch.in.sh优化内存

    elasticsearch.in.sh文件主要是内存优化 ES_MIN_MEM=24g(24g是物理内存的一半) ES_MAX_MEM=24g ES调优: 1.Java层面的调优,加大JVM的可用内存 ...

  10. session_id 生成原理

    PHPSESSID生成 生成规则是根据hash_func散列来生成的,相关的参数有: - 客户端IP - 当前时间(秒) - 当前时间(微妙) - PHP自带的随机数生产器 hash_func是php ...