Error, "An invalid domain [.xxxx.com] was specified for this cookie" is presented on login

Version 3
    Share:|

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Remedy AR System Server


    COMPONENT:

    AR System Mid Tier


    APPLIES TO:

    Tomcat 8.x, RSSO can get 623 errors too because of this processor



    PROBLEM:

    Login attempt produces the following error:
    HTTP 500Status 500 – Internal Server Error

       
       Type   Exception Report
    Message  j ava.lang.IllegalArgumentException: An invalid domain [.example.com] was specified for this cookie
    Description  The server encountered an unexpected condition that prevented it from fulfilling the request.
    Exception
    java.lang.RuntimeException: java.lang.IllegalArgumentException: An invalid domain [.example.com] was specified for this cookie
            com.remedy.arsys.stubs.GoatServlet.postInternal(GoatServlet.java:165)
            com.remedy.arsys.stubs.GoatHttpServlet.doPost(GoatHttpServlet.java:62)
            javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
            javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
            org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
            com.remedy.arsys.stubs.TenancyFilter.doFilter(TenancyFilter.java:49)
            com.bmc.rsso.agent.RSSOFilter.doFilter(RSSOFilter.java:62)
    Root Cause
    java.lang.IllegalArgumentException: An invalid domain [.example.com] was specified for this cookie
    org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:203)
    org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:145)
            org.apache.catalina.connector.Response.generateCookieString(Response.java:1019)
            org.apache.catalina.connector.Response.addCookie(Response.java:967)
            org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:386)
            com.remedy.arsys.session.Login.generateGUID(Login.java:175)
            com.remedy.arsys.session.Login.initSessions(Login.java:456)
            com.remedy.arsys.session.Login.establishSession(Login.java:408)
            com.remedy.arsys.session.Login.establishSession(Login.java:316)
            com.remedy.arsys.stubs.GoatServlet.postInternal(GoatServlet.java:104)
            com.remedy.arsys.stubs.GoatHttpServlet.doPost(GoatHttpServlet.java:62)
            javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
            javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
            org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
            com.remedy.arsys.stubs.TenancyFilter.doFilter(TenancyFilter.java:49)
            com.bmc.rsso.agent.RSSOFilter.doFilter(RSSOFilter.java:62)
    Note  The full stack trace of the root cause is available in the server logs.
      

     


    CAUSE:

    Tomcat 8.0.15 or later introduces a new configuration element called CookieProcessor. This processor errors out on the "period" in the domain name.


    SOLUTION:

    More information on the CookieProcessor: https://tomcat.apache.org/tomcat-8.0-doc/config/cookie-processor.html

    Current solution is to switch back to the pre-Tomcat 8.0.15 behavior by using the LegacyCookieProcessor.

       
    1. Edit the Tomcat/conf/context.xml
    2.  
    3. Add the statement:  inside the context XML tag following XML syntax rules
      <CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />
    4.  
    5. Restart Tomcat.

     


    Article Number:

    000142047


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles